Richard Applegate

Tag: Adguard-Home

  • TpLink Omada: Services→ DNS proxy with Cloudron AdGuard Home. We like using DoH on our router.

    I finally got this to work with cloudron AdGuard Home because it won’t work just use DNS port or encryption until you add IP or Client ID in allowed Clients, so I am using Client ID. This will show you how to set up DOH AdGuard Home with TpLink Omada DNS Proxy.

    This explains to us what Client IDs are, and I found DNS over HTTPS is useful for our networks, since I had a wildcard certification.

    Open AdGuard home and log into your admin account. Navigate to the DNS settings and find allow clients. I put laketapp that I would use for our stores nickname. Then make sure you save it.

    Then go to TpLink Omada Controller Webgui and Login your admin, then select the location you want to set DNS over HTTPS with cloudron AdGuard Home.

    After you select Location, go to Services on the left side.

    Then go to DNS Proxy then go enable DNS proxy then DoH then add your AdGuard Server, mine is https://laketapp.dns195.richardapplegate.io.

    Now go check AdGuard Home, see if there are any queries,

    yep, it’s working, Now My Router is communicating with my DNS Server secured.

  • DNS amplification attack | closing the 53 port on my AdGuard Home Server.

    Today, I turned off the DNS port 53. Since we have been cutting off our store’s DNS server, it has been a DNS amplification attack. So I found out that my Router does have a DNS Proxy, My DNS Server does have HTTP over TLS and DNS-over-HTTPS. Everything is working and attacking is currently stopped after I set up 853 port encryptions and disable Plain DNS. I also want to keep my stores safe.

    Disable Plain DNS and DNS over TLS is 853.

    My router has a DNS Proxy option, so I added my DNS IP Server,

    Then I have gone to Wired Networks → LAN, then go to Admin

    If you change DNS Server to your DNS, please change to Auto So DNS Proxy to do the job.

    Now we have an encrypted DNS over TLS.

  • My DNS, both Primary and Secondary, got into DNS amplification attacks.

    My DNS, both Primary and Secondary, got into DNS amplification attacks.

    This attack trigger was found on October 16, 2023, when I received an email that my server was nearly full. This is not a typical occurrence. Therefore, I discovered that my AdGuard Home DNS Server had been compromised, and that a significant number of IP addresses exceeding 20K were targeted specifically in Brazil, Latin, two France Server, London, and more due to their focus on DNS attacks.

    I decided to conduct a thorough investigation into the individuals present on our server to obtain CIDRs for clients who have been disallowed. As a result, I was able to successfully disallow 99.9 percent of the clients. It is a better way than to block country IP. Because I don’t see myself as needing to waste my IP that is never used. So this way better to do block CIDR Range whoever owner IP they will be automatic disallow because they’re letting them attack DNS Server on us.

    Cisco.com is real, but the content is not.
    This is unusual, everything happening at once. This will cause my server to experience a slowdown.

    After I added the IP CIDRs to the client that were not allowed, I noticed that my dashboard went back to normal. Again, here is the link for IP addresses. I have been working on these for the past three days, but it appears that they have been stopped. Therefore, I want to help your times and your DNS Server and our to-do better. 🙂

    Secondary Server – Dell Server Tower mini – Portainer with AdGuard Home

    Primary Server – Dell Server Tower – Portainer with AdGuard home