Your ISP Doesn’t Need DNS to See What You Visit

Encrypted DNS, Pi-hole, Unbound, Cloudflare, and Quad9 can hide or reduce DNS exposure, but that does not automatically stop your ISP from seeing which websites you visit. In this hands-on test, David uses a Raspberry Pi, Python scripts, and a network tap to show how an ISP-like observer can still log website destinations through TLS/SNI traffic, even when DNS queries are hidden.

We test multiple setups, including DNS over HTTPS, Pi-hole, Unbound, Cloudflare, and browser secure DNS settings, then compare what disappears from DNS logs versus what still shows up in live connection metadata. If you think encrypted DNS alone gives you browsing privacy, this demonstration may change how you think about ISP tracking, website blocking, and the limits of DNS privacy.

// Python scripts //
You can get the python scripts from GitHub here:
DNS Monitor: https://github.com/davidbombal/sni-dn….
SNI Monitor: https://github.com/davidbombal/sni-dn…

// Previous video //
How your ISP tracks you (even with encrypted DNS): How your ISP tracks you (even with encrypt…

// YouTube Video REFERENCE //
How your ISP tracks you (even with encrypted DNS): How your ISP tracks you (even with encrypt…

// David’s Social //

================
Coect with me:
================
Discord: http://discord.davidbombal.com
X: https://www.x.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main https://www.youtube.com/davidbombal
YouTube Tech: https://www.youtube.com/chael/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips: https://www.youtube.com/chael/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Emerging Technologies: https://www.youtube.com/chael/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts: https://www.youtube.com/chael/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ
SoundCloud: / davidbombal

================
Support me:
================
Or, buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna
Udemy CCNA Course: https://bit.ly/ccnafor10dollars
GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

// MENU //
0:00 – Introduction
02:13 – SNI vs DNS Monitoring

03:44 – Traffic Examples
06:10 – Capture traffic with Wireshark

08:02 – Firefox Settings
08:32 – Comparing Traffic Post Encryption

10:30 – DNS settings
11:05 – Comparing Traffic Again

13:40 – Using pi-hole
14:58 – Firefox Settings Variation

15:36 – Comparing Traffic Again
16:16 – Using an Unbound Server
17:10 – Comparing Traffic Again
18:33 – Chrome Demonstration
19:48 – Comparing Traffic Again
20:43 – Using Cloudflare
21:16 – Comparing Traffic Again

22:03 – More Examples
23:50 – Outro

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.
#dns #cloudflare #pihole