EDIT: So because of my $0 budget and the fact that my uptime is around 50% (PC, no additional servers) I ended up using NextDNS. For the time being it works (according to dnsleaktest), an added benefit was improved ad-blocking (100% in this tool). I now have plans for a proper router in the future with a Pi-hole. Thanks so much for all the info & suggestions, definitely learnt a lot.

So it turns out I got myself into an ISP that was shittier than expected (I already knew it was kinda shitty), they DNS hijack for whatever reason and I can’t manually set my own DNS on my router or even my devices.

Cyber security has never been my forte but I’m always trying to keep learning as I go. I’ve read that common solutions involve using a different port (54) or getting a different modem/router or just adding a router.

Are they all true? What's the cheapest, easiest way of dealing with all of this?

  • @vector_zero

    Doesn’t the RPi still go through the ISP? You’d still have to find a way to bypass their hijacking attempts, just on a different device this time.

    • slazer2au

      DoT or DoH will stop the DNS rewrites.

    • A Mouse

      Using something like DoH or DoT can help with this. I don’t know about Pi-hole; however, AdGuard Home can do it.

    • @[email protected]

      You’d have to use DNS over HTTPS, DNS over TLS, or DNS over QUIC. As far as I know, PiHole doesn’t support these out-of-the-box, so AdGuard Home is a better choice (it’s like PiHole but more powerful).

      I know PiHole had plans to implement this though, so maybe they do support it now.