Bypass Censorship By DNS

Bypass Censorship By DNS

By 0fajarpurnama0 | 0fajarpurnama0 | 17 Apr 2020


Overview

Changing the domain name server (DNS) is one of the easiest way. If the contents restriction is by DNS we simply only need to use another DNS, if not then this method cannot be use. Changing DNS on client is also among the most basic because there are many open DNS server out there compared to proxy and VPN server. Many users used Google’s DNS server “8.8.8.8” to bypass censorship or sometimes, it is just faster. Another reason is, if your censorship only comes from DNS, it is much easier to change your DNS setting the performing overkills such as setting proxy and VPN, and in some cases, even you do set proxy and VPN, sometimes it just doesn’t work if the censorship comes from the DNS.

Here DNS will be introduced on public level in other words simple term. More information can be found in my article Simple Introduction to Computer Network and technical term will be upcoming. To make things short we browse the web mainly using the domain address for example “www.facebook.com”, but our machine itself prefer internet protocol (IP) address which is still version 4 of IP “173.252.74.22”. When we write, the DNS translate it from “www.facebook.com” > “173.252.74.22”.

image

Figure 1. Simple Animation of DNS

Setting DNS Windows

image

Figure 2. go to start menu and choose control panel.

image

Figure 3. choose network and internet.

image

Figure 4. go to network and sharing center.

image

Figure 5. change adapter setting.

image

Figure 6. right click and choose properties of the network interface you’re using.

image

Figure 7. choose internet protocol version 4 and input the DNS, here I input Google’s public DNS.

If you want to change from command line, then type the following on cmd.exe:

netsh
interface ip show config
(find the connection for example:)
interface ip set dns "Ethernet0" static 8.8.8.8

Setting DNS Android

image

Figure 8. open settings.

image

Figure 9. choose connections.

image

Figure 10. choose wifi or more connection settings.

image

Figure 11. if you choose wifi then long press one of the hotspot then choose manage network settings.

image

Figure 12. choose advance.

image

Figure 13. change DHCP to static and set DNS for example 8.8.8.8.

image

Figure 14. if you schoose more connection settings the set private DNS hostname for example dns.google.

Setting DNS Linux

image

Figure 15. find your network manager from widget.

image

Figure 16. or find network manager from settings and press gear on desired profile.

image

Figure 17. choose IPV4 or IPV6 and change the DNS.

If you want to do it from terminal, then be administrator using “sudo su”, edit “/etc/resolve.conf” file using nano, vim, etc, and set for example “nameserver 8.8.8.8”.

 

Building DNS Server Linux

 

Here I will only demonstrate locally using bind9. If you want to put on public domain, just change to public IP addresses.

sudo su
apt install bind9

Edit “/etc/bind/named.conf.options” if you want to add forwarders such as:

forwarders {
                8.8.8.8;
                8.8.4.4;
           };

Create a zone in any conf file, in the video above, I added a zone in “/etc/bind/named.conf.local” since it’s only for local network. For example:

zone "example.com" {
		type master;
        file "/etc/bind/db.example.com";
};

In above code, the zone name is “example.com” and the type is “master”. The zone file is specified to “/etc/bind/db.example.com” but you can change the name and directory of the file as you wished but for now in “/etc/bind/db.example.com”:

;
; BIND data file for example.com
;
$TTL    604800
@       IN      SOA     example.com. root.example.com. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
        IN      A       192.168.1.10
;
@       IN      NS      ns.example.com.
@       IN      A       192.168.1.10
@       IN      AAAA    ::1
ns      IN      A       192.168.1.10

We defined “example.com” as “192.168.1.10”, we also define a subdomain “ns.example.com” the same as “example.com”. Note, there are example zone files such as “/etc/bind/db.local” if you need a skeleton, else go to bind9 official website for further technical details. Next is creating a reverse zone file to resolve names to IP Address. Edit “/etc/bind/named.conf.local” once again and add for example:

zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.192";
};

Replace “1.168.192” with the network you are using if you are using a different one. The reverse zone file in above video is “/etc/bind/db.192”. If you need a skeleton, there is “/etc/bind/db.127”. The contents below shows that “ns.example.com” is “192.168.1.10”:

;
; BIND reverse data file for local 192.168.1.XXX net
;
$TTL    604800
@       IN      SOA     ns.example.com. root.example.com. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      ns.
10      IN      PTR     ns.example.com.

Finally, “sudo systemctl restart bind9.service” to restart the DNS server.

How do you rate this article?


1

1

0fajarpurnama0
0fajarpurnama0

I'm a content creator who is interested in financial freedom, decentralization, internet, computer, censorship resistance, unconfiscateable, cryptocurrency, monetization, passive income, and referrals.


0fajarpurnama0
0fajarpurnama0

This blog contains all my articles of various categories which I will separate in the future once a category becomes big. This blog along with other online contents are licensed under creative commons attribution customized sharealike (cc-by-sa) where I Fajar Purnama as the creator customized the ShareAlike (sa) license here where you are also allowed to sell my contents but with a condition that you must mention that the free and open version is available here.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.