| ▲ | tuwtuwtuwtuw 3 days ago | |
Even if you use the internal resolver you could exfiltrate the data. | ||
| ▲ | lormayna 3 days ago | parent | next [-] | |
Yes, but an internal resolver has filtering and must be heavy monitored. If the DNS logs are sent to a SIEM you will be detected quickly | ||
| ▲ | pixl97 3 days ago | parent | prev [-] | |
I mean most of the time said company resolvers have a service that block either suspicious requests, or only allow whitelisted domains. | ||