Addressing DNS hijacking and DNS contamination through open source programs

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

We know that some network operators for some purposes, the DNS did some operations, resulting in the use of the ISP's normal Internet settings can not obtain the correct IP address through the domain name. Commonly used means are: DNS hijacking and DNS pollution. For the differences between DNS hijacking and DNS pollution, find related articles. The way to deal with DNS hijacking is simple, just change the system's DNS settings to the IP address of a foreign DNS server. But for DNS pollution, there is generally no alternative to using software like proxy servers and VPNs. But with our understanding of DNS pollution, we can still do without the proxy server and VPN software can solve the problem of DNS pollution, so without using a proxy server or VPN access to some of the site can not be visited. Of course, this does not solve all of the problems, when some inaccessible sites themselves are not caused by DNS pollution problems, still need to use a proxy server or VPN to access.

We know that DNS-contaminated packets are not on the routers that the network packets pass through, but are generated by the bypass. Therefore, DNS pollution does not prevent the return of the correct DNS resolution results, but because the bypass generated packets are sent back faster than the foreign DNS server, the operating system believes that the first packet received is the result of the return, thereby ignoring the packets received subsequently, so that DNS pollution succeeded. And some countries in the DNS pollution over a period of time the pollution of the IP is fixed, so you can ignore the return result is these IP address packets, directly solve the problem of DNS pollution.

Here I use Java to do a simple small program and provide the source code, after the operation of the machine can be in the absence of proxy server and VPN, can directly solve the problem of DNS pollution. If you do not have Java installed, you can install one on the http://www.java.com/. After unlocking the Antidnspollution.zip, run Filter.bat (Linux users run filter.sh) and wait for the startup to succeed. The IP address of the system's DNS server is then set to 127.0.0.1. Then open a command line window, execution nslookup some DNS contaminated domain name, is not resolved correctly?

The specific workflow of this small program: first, after the program started, will read the configuration from the text file dnsfilter.properties, and then go to a non-existent DNS server-but this IP address is foreign-DNS query hijacked domain name, Then the returned IP address is hijacked IP, was recorded, then the normal DNS query, the IP address automatically filtered. This program will be updated periodically and may also be out. NET version, please pay attention to the update on my Google reader.

For advanced users, you can modify the profile dnsfilter.properties by hand using a text editor:

Bindtoip: After the applet is started as the DNS service period binding 53 port, here Specify the binding IP address

DNSServer: A foreign DNS server that can be set to the IP address of a opendns or Google DNS server

Responsetimeout:dns query returns time of timeout (ms)

Testdnsserver: Test DNS server, specify a nonexistent DNS service period, but require IP to be foreign

Testresptimeout: Test DNS Server Query return timeout (MS), which is the bypass reply timeout for DNS hijacking

Testcount: Test the number of DNS servers, in order to get all the hijacked IP address, a certain number of test times

Small program execution file and source code in the same compression package, please click here to download (including source code): Http://www.williamlong.info/download/AntiDnsPollution.zip

Article Source: http://www.williamlong.info/archives/2184.html