DNS: Difference between revisions
From charlesreid1
(Created page with "Why do I have a whole page dedicated to DNS? Well, DNS is important. Tracking people's DNS queries provides you a record of what sites they are visiting, based on their IP ad...") |
|||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
(For instructions on setting up a DNS server, see [[Linux/DNS]]). | |||
Why do I have a whole page dedicated to DNS? | Why do I have a whole page dedicated to DNS? | ||
Well, DNS is important. Tracking people's DNS queries provides you a record of what sites they are visiting, based on their IP addresses. It's important to understand where your DNS queries are going, who might be seeing them, and who might be storing them (to, say, hand over to | Well, DNS is important. Tracking people's DNS queries provides you a record of what sites they are visiting, based on their IP addresses. It's important to understand where your DNS queries are going, who might be seeing them, and who might be storing them (to, say, hand over to three-letter government agencies when they ask nicely). | ||
This is why the WikiLeaks wiki has a page on DNS: https://www.wikileaks.org/wiki/Alternative_DNS | This is why the WikiLeaks wiki has a page on DNS: https://www.wikileaks.org/wiki/Alternative_DNS | ||
| Line 9: | Line 11: | ||
In Linux, the DNS servers that a computer uses to look up website names and turn them into IP addresses are listed in the file <code>/etc/resolv.conf</code> | In Linux, the DNS servers that a computer uses to look up website names and turn them into IP addresses are listed in the file <code>/etc/resolv.conf</code> | ||
==Debian Linux== | ==Debian Linux with NetworkManager== | ||
Notes on network settings in Debian, from the Debian Wiki: https://wiki.debian.org/NetworkConfiguration#Defining_the_.28DNS.29_Nameservers | Notes on network settings in Debian, from the Debian Wiki: https://wiki.debian.org/NetworkConfiguration#Defining_the_.28DNS.29_Nameservers | ||
| Line 16: | Line 18: | ||
To fix this, I had to modify the NetworkManager settings for my ethernet device. Here's a script to walk you through that process: | To fix this, I had to modify the NetworkManager settings for my ethernet device. Here's a script to walk you through that process: | ||
<code>fix_dns.sh</code> | |||
<pre> | <pre> | ||
#!/bin/bash | #!/bin/bash | ||
# | # | ||
| Line 44: | Line 47: | ||
</pre> | </pre> | ||
This prints out | This prints out the steps, then runs the NetworkManager connection editor to allow you to update the settings of your particular network interface. | ||
If you're using multiple network interfaces (e.g., a wired interface and a wireless interface) and want to use the same DNS for all of them, edit them one-at-a-time. | If you're using multiple network interfaces (e.g., a wired interface and a wireless interface) and want to use the same DNS for all of them, edit them one-at-a-time. | ||
==Using PiHole DNS Server== | |||
See [[Ubuntu/Bespin/PiHole]] for details on setting up a PiHole docker container to act as a system DNS server. | |||
=Metasploit DNS Recon= | |||
Tricks for DNS recon and information-gathering using Metasploit: | |||
http://wiki.securityweekly.com/wiki/index.php/Episode175 | |||
=Flags= | |||
{{NetworkingFlag}} | {{NetworkingFlag}} | ||
{{DNSFlag}} | |||
Latest revision as of 05:12, 19 August 2020
(For instructions on setting up a DNS server, see Linux/DNS).
Why do I have a whole page dedicated to DNS?
Well, DNS is important. Tracking people's DNS queries provides you a record of what sites they are visiting, based on their IP addresses. It's important to understand where your DNS queries are going, who might be seeing them, and who might be storing them (to, say, hand over to three-letter government agencies when they ask nicely).
This is why the WikiLeaks wiki has a page on DNS: https://www.wikileaks.org/wiki/Alternative_DNS
Setting DNS
In Linux, the DNS servers that a computer uses to look up website names and turn them into IP addresses are listed in the file /etc/resolv.conf
Debian Linux with NetworkManager
Notes on network settings in Debian, from the Debian Wiki: https://wiki.debian.org/NetworkConfiguration#Defining_the_.28DNS.29_Nameservers
NetworkManager kept changing my resolv.conf to be whatever it automatically obtained from my gateway (my home router), which unfortunately was a DNS I did NOT want to use.
To fix this, I had to modify the NetworkManager settings for my ethernet device. Here's a script to walk you through that process:
fix_dns.sh
#!/bin/bash # # Fix the DNS settings echo "" echo "FIX DNS SETTINGS" echo "----------------" echo "" echo "Step 1) Find your connection in the list and click Edit." echo "Step 2) Click the IPv4 Settings tab." echo "Step 3) Choose Automatic (DHCP) Addresses Only instead of just Automatic (DHCP)" echo "Step 4) Enter DNS servers in DNS Servers field, separated by spaces." echo "" echo " OpenDNS:" echo " 208.67.222.222" echo " 208.67.220.220" echo "" echo " Cisco" echo " 171.70.168.183" echo " 128.107.241.185" echo " 64.102.255.44" nm-connection-editor &> /dev/null
This prints out the steps, then runs the NetworkManager connection editor to allow you to update the settings of your particular network interface.
If you're using multiple network interfaces (e.g., a wired interface and a wireless interface) and want to use the same DNS for all of them, edit them one-at-a-time.
Using PiHole DNS Server
See Ubuntu/Bespin/PiHole for details on setting up a PiHole docker container to act as a system DNS server.
Metasploit DNS Recon
Tricks for DNS recon and information-gathering using Metasploit:
http://wiki.securityweekly.com/wiki/index.php/Episode175
Flags
 |
Networking pages and notes about computer networks.
Man in the Middle attack vectors on wired networks: Man in the Middle/Wired Packet analysis with Wireshark: Wireshark Packet Analysis Linux networking: Linux/Networking
Using Aircrack: Aircrack Many Ways to Crack a Wifi: Cracking Wifi
Linux/Networking · Linux/SSH · Linux/File Server
Notes on OpenVPN: OpenVPN Setting Up a Static Key VPN: OpenVPN/Static Key
Domain Name Servers: DNS · Linux/DNS IP Version 6: IPv6
Wireshark · SSH · Stunnel · Tor · Ettercap · Aircrack · Tcpdump
Tunnels · HTTP and HTTPS · SSH Tunnels · Linux/SSH
|