Systemd Vulnerable to DNS Attacks

Systemd, the Linux world’s favorite init monolith, can be potentially crashed or hijacked by malicious DNS servers. Patches are available to address the security flaw, and should be installed ASAP if you’re affected.
Continue reading Systemd Vulnerable to DNS Attacks

Using Google Public DNS

Most people connect to the internet via their ISP’s DNS servers which more than likely are not the best and more than likely is slowing down your browsing. Using a 3rd party service not only speeds up your experience online. A while ago we wrote about OpenDNS, today we’re going over Google’s DNS service.

Important:
Make sure to write down your ISP’s DNS servers.

Google Public DNS IP addresses

IPv4 addresses are as follows:

  • 8.8.8.8
  • 8.8.4.4

IPv6 addresses are as follows:

  • 2001:4860:4860::8888
  • 2001:4860:4860::8844

Making the changes

Windows

  • Start the Network and Sharing Center (this process varies by windows version)
  • Click Change adadpter settings
  • Right-click Local Area Connection or Wireless Network Connection slelect Properties
  • Type in your administrator password if you are promted for it.
  • Click the Networking tab
  • Under the Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6) and click Properties
  • Click Advanced and select the DNS tab, write down any IP’s that are listed here for future reference in case you want to revert later on.
  • Select Use the following DNS server addresses
  • Enter the IP’s from above
  • Restart your computer

Mac OS

  • Click the Apple menu ()
  • Click System Preferences and click the Network logo.
  • Select the connection you want to configure (Thunderbolt Ethernet or Wi-Fi or Display Ethernet) then click Advanced
  • Select the DNS tab
  • Click the + icon to enter the IP Addresses (repeat for each address)
  • Click Apply then click OK

Linux

I will go over doing this in Ubuntu since that is one of the more common flavors.

  • Start System Preferences and click Network Connections
  • Select the connection you want to configure Wired or Wireless tab, then select the appropriate network.
  • Click Edit, and in the window that appears, select the IPv4 Settings or IPv6 Settings tab.
  • If the selected method is Automatic (DHCP), open the dropdown and select Automatic (STATIC) addresses only instead.
  • If the method is set to something else, do not change it.
  • In the DNS servers field, enter the IP addresses, separated by a space:
  • Click Apply
  • If you are prompted for a password or confirmation, type the password or provide confirmation.

If your distribution doesn’t use Network Manager, your DNS settings are specified in /etc/resolv.conf.

Edit resolv.conf:

sudo vi /etc/resolv.conf

If any nameserver lines appear, write down the IP addresses for future reference. Replace or add, the following lines:

nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 2001:4860:4860::8888
nameserver 2001:4860:4860::8844

Save and exit

:wq

Restart any Internet clients you are using.

sudo /etc/init.d/networking restart

Routers

Every router uses a different user interface for configuring DNS server settings; we provide only a generic procedure below. For more information, please consult your router documentation.

Note:
Some ISPs hard-code their DNS servers into the equipment they provide; if you are using such a device, you will not be able to configure it. Instead, you can configure each of the computers connected to the router, as described above.
  • In your browser, enter the IP address to access the router’s administration console.
  • When prompted, enter the password to access network settings.
  • Find the screen in which DNS server settings are specified.
  • If there are IP addresses specified in the fields for the primary and seconday DNS servers, write them down for future reference.
  • Replace those addresses with the IP addresses from above
  • Save and exit.
  • Restart your browser.

Fix for broken search domain resolution in OS X Yosemite

Ok folks, after many moons trying to fix this issue in Yosemite I finally got it… If you are running earlier versions of OSX, see here for the fix.

What am I talking about?

Append search domains for partially qualified domain names when performing DNS lookups. You know.. For example, you work in it and ssh to hosts regularly and your company uses hostname.sub.domain.com or hostname.domain.com but you want to ssh to hostname or hostname.sub to shave some time off your clock. With older versions you could apply a fix with mDNSResponder to work around whatever Apple decided to do there; around rolls Yosemite and they change the whole damn thing around. Continue reading Fix for broken search domain resolution in OS X Yosemite

Flushing your DNS

We all have had that one time when your computer refuses to go to a site, or you can’t connect to something or a network. This is a result of a bad IP address or some other DNS result being cached in your system.

What is DNS caching

At it’s basic, DNS cache is simply how your computer remembers sites or networked locations and devices you’ve visited or networks you’ve connected to. It basically keeps the address that matches the URL of a site you visited for example.

How to flush

Flushing your DNS cache basically clears out all entries from your system and allows new entries to be made so that things flow smoothly. So here is how to do it on different systems.

Windows

Depending on the version of Windows you are using, the process to bring up a Command Prompt will be different but that is what you need. Basically you will want to do the following:

  • For XP – Click Start -> In the Run box type cmd.exe and press Enter
  • For 7 – Click Start -> All Programs -> Accessories -> right click on Command Prompt and click Run as Administrator
  • Win8 and up – Simply type cmd which will bring up the search results to the right of your screen -> right click on Command Prompt and click on Run as Administrator
  • Type ipconfig /flushdns and press Enter

MacOS

  • Open a command terminal and run the following:
    • 10.8 Mountain Lionsudo killall -HUP mDNSResponder then
    • 10.9 Mavericks and up – dscacheutil -flushcache then sudo killall -HUP mDNSResponder

Linux

Open a terminal and run the following sudo dscacheutil -flushcache

Clearing DNS Cache on a Mac

If you ever need to clear your DNS cache on your Mac you’ve come to the right place.

DNS is cached on your machine to help speed things up as you browse the same pages, servers, sites, etc by keeping a cache so you don’t have to go through the entire process again every time you visit the same place. Sometimes tho, things get lost in translation and a bad cache or two remain lingering causing troubles for you. Fear not, your SuperHero is here to save the day.

Clearing cache on Yosemite

Open Terminal and run this command:

dscacheutil -flushcache

Clearing cache on Mavericks

Open Terminal and run this command:

dscacheutil -flushcache

To reload DNS type this command:

sudo killall -HUP mDNSResponder

Clearing cache on older versions

Open Terminal and run this command:

lookupd -flushcache

List of Direct IPs in the Event of a DNS Takedown

IPs to Websites

Here is a list of IPs to use in the event of a DNS takedown. We will be adding more as time rolls by. If you have others to share, please leave a comment.

WEBSITE IP ADDRESS
1channel.com 208.87.33.151
amazon.com 72.21.211.176
aljazeera.com 198.78.201.252
bbc.co.uk 212.58.241.131
bing.com 65.55.175.254
blogtv.com 84.22.170.149
btjunkie.com 93.158.65.211
cracked.com 98.124.248.77
demonoid.com 62.149.24.66
demonoid.me 62.149.24.67
digg.com 64.191.203.30
dreamwidth.org 69.174.244.50
dropbox.com 199.47.217.179
facebook.com 69.171.224.11
fileshare.com 208.87.33.151
frys.com 209.31.22.39
gamespot.com 216.239.113.172
gamespy.com 69.10.25.46
github.com 207.97.227.239
google.com 74.125.157.99
gorillavid.com 178.17.165.74
hotfile.com 199.7.177.218
hotmail.com 65.55.72.135
hush.com 65.39.178.43
ign.com 69.10.25.46
imgur.com 173.231.140.219
justin.tv 199.9.249.21
livejournal.com 209.200.154.225
mediafire.com 205.196.120.13
megaupload.com 174.140.154.20
megavideo.com 174.140.154.32
mininova.com 80.94.76.5
multiupload.com 95.211.149.7
newegg.com 216.52.208.187
novamov.com 91.220.176.248
own3d.tv 208.94.146.80
pastebin.com 69.65.13.216
putlocker.com 89.238.130.247
reddit.com 72.247.244.88
sidereel.com 144.198.29.112
stickam.com 67.201.54.151
theonion.com 97.107.137.164
thepiratebay.org 194.71.107.15
twitter.com 199.59.149.230
tumblr.com 174.121.194.34
tvlinks.com 208.223.219.206
uploaded.to 95.211.143.200
uploading.com 195.191.207.40
videoweed.com 91.220.176.248
warez.ag 178.162.238.136
warez-bb.org 31.7.57.13
what.cd 67.21.232.223
wikipedia.org 208.80.152.201
youtube.com 74.125.65.91
yahoo.com 98.137.149.56

Tips

  • Here’s a tip for the do-it-yourself crowd: Go to your computer’s Start menu, and either go to “run” or just search for “cmd.” Open it up, and type in “ping [website address],”
  • Once you have the IP for a website, all you really need to do is enter it like you would a normal URL and hit enter/press go. Typing in “208.85.240.231” should bring you to the front page of AO3, for example, just as typing “174.121.194.34/dashboard” should bring you straight to your Tumblr dashboard. Since we’re obviously bracing for the worst case scenario which would involve you not being able to access the internet regularly, you should, save this list.

OpenDNS for a faster more secure web experience

OpenDNS is an online service that offers many features that your ISP will not provide to you through their DNS servers. As the title states this service will make your web time safer and faster and it’s free. Follow the instructions below to get going.
Here is a quick list of things you will have:

  • DNS Infrastructure – OpenDNS has data-centers all over the world thus will provide you with robust routing. It is smart enough to route you to it’s closest data-center resulting in faster connection to the sites you visit. It also uses SmartCache, a feature that caches the last known working route to a website so when most people can’t get to a site you will be able to.
  • Control – You will be able to filter what content gets to and from your computers. You can either allow or block things like P2P, proxies, adult and more and you can block the tools known to bypass most filters. You can whitelist or blacklist up to 25 domains and point these to a particular site of your choosing.
  • Security – You are protected against phishing attacks and botnets.
  • Insights and reporting – You can see reports about traffic on your network via detailed charts and statistics, you will have access to the last two weeks of data.
  • Typo correction – Checks for and corrects the most common typos in top-level domains like .com, .net and .org.
  • Shortcuts – Allows you to create a custom shortcut for a log url by using a short url alias.

Continue reading OpenDNS for a faster more secure web experience