Solve DNS hijacking and DNS pollution through open-source programs at the same time

Source: Internet
Author: User

We know that some network operators perform DNS operations for some purpose, so that the correct IP address cannot be obtained through the domain name through the normal internet access settings of the ISP. Common means include DNS hijacking and DNS pollution. For details about the differences between DNS hijacking and DNS pollution, refer to related articles. The method for dealing with DNS hijacking is simple. You only need to change the system's DNS settings to the IP address of the foreign DNS server. However, for DNS pollution, there is generally no other way than using software such as proxy servers and VPN. However, with our understanding of DNS pollution, we can still solve the DNS pollution problem without using software such as proxy servers and VPN, in this way, you can access some websites that you cannot access without using a proxy server or VPN. Of course, this cannot solve all the problems. When some websites that cannot be accessed are not caused by DNS pollution, you still need to use the proxy server or VPN to access them.

We know that DNS-contaminated data packets are not generated on the router through which the network data packets pass, but on its bypass. Therefore, DNS contamination does not prevent correct DNS resolution results from returning, but because the data packets generated by the bypass are sent back faster than those sent back by foreign DNS servers, the operating system determines that the first packet received is the result returned, so as to ignore the packet received afterwards, thus causing DNS contamination. In some countries, the IP addresses that are contaminated by DNS are fixed for a period of time. Therefore, we can ignore the packets whose returned results are these IP addresses and directly solve the DNS pollution problem.

Here, I use Java to create a simple Applet and provide the source code. After running on the local machine, I can do this without a proxy server or VPN, DNS pollution can be solved directly. If Java is not installed, go to install one. After the file is unlocked, run filter. bat (for Linux users, run filter. sh) and wait until the startup is successful. Set the IP address of the system's DNS server to Open a command line window and execute nslookup for some domain names that are contaminated by DNS. Is the resolution correct?

Next, let's take a look at the specific workflow of this small program: after the program is started, it will start from the text file dnsfilter. properties to read the configuration, and then go to a non-existing DNS server -- but this IP address is foreign -- to perform DNS query for the hijacked domain name, and then the returned IP address is the hijacked IP address, after being recorded, these IP addresses are automatically filtered out in normal DNS queries. This program will be updated occasionally or occasionally. NET version, please follow the updates on my Google Reader.

For advanced users, You can manually use the text editor to modify the configuration file dnsfilter. properties:

BindToIP: port 53 is bound as the DNS service period after the applet is started. The bound IP address is specified here.

DnsServer: Foreign DNS server, which can be set to the IP address of OpenDNS or Google DNS Server

ResponseTimeout: the timeout time (MS) returned by DNS query)

TestDnsServer: test the DNS server. Please specify a non-existent DNS service period, but the IP address is required to be foreign

TestRespTimeout: test the DNS Server Query return timeout (milliseconds), that is, the DNS hijacking bypass reply timeout

TestCount: Number of times the DNS server is tested. To obtain all hijacked IP addresses, a certain number of tests are required.

The execution file and source code of the Applet are in the same compressed package. Click here to download (including the source code ).

Contributor Email: lehui99 (at), contributor Google Reader:

Source: Moon blog

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.