I have a Keenetic modem. I configured DoT and disabled 3rd-party DNS requests.
Also, I use AVG antivirus. When Web Shield etc. is enabled, it forces the use of their DNS. And it doesn't use their global IP. dataleaktest(.)com shows their servers from my country.
When I disable Web Shield etc. and the modem is configured, it uses Cloudflare IPs, but dnsleaktest(.)com shows another Cloudflare IP from my country. How do these things work? I want to use only 1.1.1.1 for requests.
When I check one.one.one.one help, it says:
|Connected to 1.1.1.1|Yes|
|Using DNS over HTTPS (DoH)|No|
|Using DNS over TLS (DoT)|Yes|
Windows Defender does a more than decent job as long as you tighten your settings (search the Windows hardening guide here and try to enable all the security measures that you can) and keep Windows Defender up to date with Windows Update.
Keep in mind these are just harm reduction measures and maybe consider a different OS altogether.