Comcast forwarding port 53 to hard coded dns

I recently signed up for Comcast internet service and they installed an Arris TG1682G cable modem. I found that it is not possible to modify the DNS settings on their gateway, and have read that they forward all port 53 requests to their own DNS servers. My question is this:
Does the 1.1.1.1 setting on my cell phone keep my lookups private from my ISP (Comcast), or can they see every site that I visit?

If you get positive results for DoH or DoT at the following link, then your lookups are private:
https://1.1.1.1/help

1 Like

Thank you! I didn’t know that tool existed. The only negative I get is: “Using DNS over HTTPS (DoH) No”. So is it safe to assume that my lookups are private, and not being intercepted by my ISP?

Can you post the link that page gave you?

1 Like

Yes sir:
https://1.1.1.1/help?_ga=2.98440927.1194897174.1572099930-570813968.1571657143#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJZZXMiLCJpc0RvaCI6Ik5vIiwicmVzb2x2ZXJJcC0xLjEuMS4xIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJZZXMiLCJkYXRhY2VudGVyTG9jYXRpb24iOiJNSUEiLCJpc3BOYW1lIjoiQ2xvdWRmbGFyZSIsImlzcEFzbiI6IjEzMzM1In0=

Yes, you appear to be using DoT, and assuming all your DNS requests do go via DoT and not plain DNS, and you have a proper DoT setup with a proper certificate validation, you could safely assume that your DNS requests are private when it comes to your ISP.

2 Likes

Excellent! But how can I be sure I have a proper DoT setup? Is that the Private DNS setting on my Android phone?

Where did you set up Cloudfare’s DNS service in the first place?

Alright, so we are talking about DoT on Android. Yes, that setup should make sure that your ISP cant access any DNS requests you are sending from your Android device, however keep in mind this only applies to this particular device and no other you might have on your network.

1 Like

Perfect, thanks. I’m aware that this only affects my particular Android phone. :grin: