Introduction to DNS hijacking and recommendation of Public DNS

Description

We know that some network operators perform DNS operations for some purpose, so that the correct IP address cannot be obtained through the domain name through the normal internet access settings of the ISP. Common methods include:DNS hijackingAndDNS pollution. DNS hijacking and DNS pollution are very common in tianchao. Generally, after an error or nonexistent URL is entered, the 404 page is displayed, but we can see that all the pages are the URL navigation pages of China Telecom, China Unicom, and other carriers, when a website is visited normally, there is a small advertisement of China Telecom, but some websites outside China still cannot be accessed without using an agent.Google was almost completely bannedMicrosoft onedrive cannot be opened, and these problems have a certain relationship with DNS.

DNS hijacking

DNS hijacking means that the DNS server is hijacked to gain control over the resolution records of a domain name, and then modify the resolution results of this domain name, as a result, access to the domain name is transferred from the original IP address to the modified specified IP address. The result isCannot access a specific websiteOr you can access a fake website to steal data or damage the original normal service. DNS hijacking is returned to the user by tampering with the data on the DNS serverIncorrect Query Result.

DNS hijacking symptoms: After a user successfully connects to a broadband network in some regions, for the first time, any page is directed to the "telecom internet star" and "Netcom yellow page advertisement" provided by the ISP. In addition, Baidu's website appeared when users visited the Google domain name. These are DNS hijacking.

DNS pollution

DNS pollution is a method that prevents common users from communicating with a false target host IP address.DNS cache poisoning attacks(DNS Cache forwarding oning ). The working method is as follows: Generally, DNS queries do not have any authentication mechanism, and DNS queries are usually based on UDPNon-connection and unreliableTherefore, DNS queries are prone to tampering by performing Intrusion Detection on DNS queries on UDP port 53, once a request matches the keyword is found, it is immediately disguised as the DNS server (NS, Name Server) of the target domain name to the queryer.Returns false results.

DNS contamination symptoms: some of them are currently beingAccess prohibitedWebsites are basically implemented through DNS pollution, such as YouTube and Facebook.

Solution

For DNS hijacking, You can manually change the DNS serverPublic DNSSolution.

For DNS pollution, it can be said that it is difficult for individual users to solve the problem by setting up. Generally, VPN or domain name remote resolution can be used, but most of them need to purchase paid VPN or SSH, etc, you can also manually set the correct IP address of the domain name by modifying the hosts method.

Public DNS

Public DNS isTarget publicOfFree. We know that to access the Internet, we must use the DNS resolution service. Although most computer users seldom manually set the DNS server address, the DNS address of the network provider is automatically obtained by default, however, for some small network service providers, there may be fewer DNS nodes around the world or nationwide, which may lead to slow web pages.

After the DNS server address is changed to public DNSAccelerate domain name resolution,Prevent DNS hijacking,Enhanced Internet Security, You can alsoShield most carrier advertisements. Below are several common public DNS server addresses:

Name	DNS Server IP Address
Openerdns	42.120.21.30
Alidns	223.5.5.5	223.6.6.6
V2ex DNS	199.91.73.222	178.79.131.110
CNNIC SDNs	1.2.4.8	210.2.4.8
114 DNS	114.114.114.114	114.114.115.115
Google DNS	8.8.8.8	8.8.4.4
Opendns	208.67.222.222	208.67.220.220

I have provided so many options. If you are a domestic user and have no cleanliness, consider114dnsAndAlibaba DNSIn China, you can selectV2ex DNSAndOpenerdnsIn other countries, you can select a lot, preferably Google. Although there is a delay, you can still accept it. Others are looking at your network.

Manually change DNS

1. Open "network and sharing center ";

2. Click the network in use to open the "status ";

3. Open "attribute ";

4. Double-click "Internet Protocol Version 4 (TCP/IPv4 )";

5. Click "Use the following DNS server address ";

6. Enter the public DNS server address above and click OK.

Fixed Link to this article: Workshop
.

Introduction to DNS hijacking and recommendation of Public DNS