Beating the crap out of your ISP’s DNS filtering & redirection

Thanks for showing me how to use bind9 in conjunction with DNSCrypt ! 🙂

Example screenshots.

Sources used, to (con)figure things :

PS : I’m tempted to switch to dnscrypteu though.

2nd PS : I might want to add that I forgot to change my nameserver to 127.0.0.1 in the NetworkManager applet. 😀

See, what I mean …

Out Here In The Field : New Frontier!

intd

So recently, my home ISP decided to jump the shark and join the line of  Indonesian ISP enforcing the use of their DNS server to their customer, by way of redirecting queries made to 3rd parties DNS such as google and OpenDNS, to their own DNS servers, which sucks on so many level. For example this is what i get when I tried to perform a query to Google’s DNS server from my Y510p:

mach5@M5INX:~$ dig @8.8.8.8 vimeo.com ; <<>> DiG 9.9.5-3-Ubuntu <<>> @8.8.8.8 vimeo.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53913 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;vimeo.com.            IN    A ;; ANSWER SECTION: vimeo.com.        3600    IN    A    202.73.99.3 ;; Query time: 29 msec…

View original post 1,148 more words

Is it possible to give your computer a fixed ip-address ?

Short answer : Yes it is ! 😉

The end result, if I had followed above mentioned tutorial, would have been :

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.1.150
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 208.67.220.220 208.67.222.222

Long answer :

I really don’t like dnsmasq. Granted, at first it did make my iptables administration a lot easier ! As dnsmasq runs as user : nobody, which in practice means that I only had one rule, which allowed user nobody to connect to opendns’ name servers only. Et voila, Bob’s your uncle. 😉

Ok, so anyway here you can read/learn how to set things up properly, and here you can test if your efforts were fruitful. 😉

I did a search query, to see if the use of dnsmasq is an ubuntu specific beast (Well, you know their paradigm — from release to release : “ Change, for the sake of change. ” 😆 )

My search led me here : Understanding dnsmasq in Precise Pangolin.

And ultimately I followed the instructions — as I read them — on ubuntugeek, you need to edit the /etc/NetworkManager/NetworkManager.conf file.

One way to do so is (as root) :

gksudo gedit /etc/NetworkManager/NetworkManager.conf

Then change :

dns=dnsmasq

To :

#dns=dnsmasq
Path : /etc/NetworkManager/NetworkManager.conf

Path : /etc/NetworkManager/NetworkManager.conf

↑ See image.

Save, and exit the file, and then restart your network-manager.

Like so :

sudo restart network-manager

 — Source.

Now the whole point of this post is : To show you, how to give your computer a fixed ip-address. Allow me to show you how I did it, by means of using a few screenshots to clarify. 😉

NM applet : after right-clicking, and choosing network settings.

NM applet : after right-click, and choosing network settings.

NM applet : IPv4 Settings tab.

NM applet : IPv4 Settings tab.

In summary :
I’ve shown you how to setup a fixed ip-address, and I briefly wrote about, opendns, and iptables. ← To which I’ll refer, once I start writing more, about network related matters. Until then : “ Have fun tinkering, and don’t ever forget to make backups, of any system file you wish to edit. ” ← You’ll thank yourself later, that you did !

Target : Self