Ungayibhala kanjani i-DNS traffic ku-Linux nge-DNSCrypt?

Darkcrizt

2 Amazwana

I-DNSCrypt

Namuhla ukuvikelwa kwedatha yakho, kanye nokuxhumeka kwakho kunethiwekhi namadivayisi akho akusekho okuthile lokho kuphela abantu abanolwazi oluphambili noma izinkampani kumele benze.

Kulesi senzakalo ake sibone ukuthi singabunyusa kanjani ubumfihlo bethu kwiLinux, esizokwenza ukukwenza ukulawula ukuthi ngubani ongabona imininingwane yethu yokubheka i-DNS.

Yize ingeke iyifihle ngokuphelele yonke i-IP traffic, izovimbela ukuhlaselwa okuyingozi kwe-DNS spoofing, iqinisekise ukuphepha okukhulu.

Ku-Linux, indlela engcono kakhulu yokubethela ithrafikhi ye-DNS ukusebenzisa i-DNSCrypt.

I-DNSCrypt inqubo elandelwayo yenethiwekhi eyenzelwe ukuqinisekisa ithrafikhi ye-DNS (Uhlelo Lwesizinda Segama) phakathi komsebenzisi wekhompyutha namagama aphindaphindiwe amaseva.

I-DNSCrypt isonga ithrafikhi ye-DNS engaqinisekisiwe phakathi kweklayenti nesixazululi se-DNS ekwakheni i-cryptographic ukuze kutholakale ukukhohliswa. Yize inganikeli ngokuphepha kokuphela kokuphela, iyasiza ekuvikeleni inethiwekhi yendawo ekuhlaselweni ngumuntu ophakathi nendawo.

Iphinde inciphise ukuhlaselwa kokukhulisa okwenziwe nge-UDP ngokufuna ukuthi umbuzo okungenani ube mkhulu njengempendulo ehambisanayo. Ngakho-ke, i-DNSCrypt isiza ukuvimbela ukukhishwa kwe-DNS.

I-DNSCrypt nayo ingasetshenziselwa ukulawula ukufinyelela.

Ungayifaka kanjani i-DNSCrypt ku-Linux?

Ukuze ufake lolu hlelo kusistimu yethu, kufanele silandele izinyathelo esabelana ngazo ngezansi ngokusatshalaliswa kwe-Linux abakusebenzisayo.

Kufanele wazi ukuthi insiza ye-DNSCrypt ifakiwe cishe kuwo wonke amakhosombe wokusabalalisa kwe-Linux.

Ukunqumar ukufaka i-DNSCrypt ku-Debian, Ubuntu, Linux Mint nokusabalalisa okuvela kulezi, kufanele bavule ukuphela bese benza umyalo olandelayo kuyo:

sudo apt install dnscrypt-proxy

Endabeni ye labo abasebenzisi be-Arch Linux kanye nokuphuma kokunye:

sudo pacman -S dnscrypt-proxy

Labo abasebenzisayo I-Fedora kanye nokuphuma kokunye:

sudo dnf install dnscrypt-proxy -y

Ekugcineni, kwe labo abasebenzisa noma iyiphi inguqulo ye-OpenSUSE:

I-sudo zypper ifaka i-dnscrypt-proxy

Ungayilungiselela kanjani i-DNSCrypt ku-Linux?

Lapho ukusetshenziswa sekufakiwe ohlelweni, kuyadingeka ukuthi siyilungiselele ngoba noma ifakiwe, ayikasebenzi okwamanje.

Ngalokhu kumele sisebenzise insizakalo ye-DNS, lapho kunezindlela eziningi ongakhetha kuzo kusuka kokukhululekile kuye kuzinkokhelo ezikhokhelwayo.

Kubalulekile ukuhamba nenye i-DNS, esikhundleni sokunamathela kuleyo i-ISP yakho ebanikeza yona, uma ufuna ukuphepha okwengeziwe.

Bangakhetha eyodwa evumelana nabo kakhulu, sinezinketho ze-openDNS, i-CloudFlare phakathi kokunye,

Manje Kufanele sichofoze kusithonjana senethiwekhi bese sihlela ukuxhumana kwayo okuzenzakalelayo.

Laphaí Sizozibeka endaweni ye-IPv4, bese sibheka "amaseva e-DNS". Ebhokisini lombhalo le- "DNS Servers", namathisela ikheli elilandelayo:

Vele ungeze ikheli le-DNS elilandelayo pOkwe-IPv4:

1.0.0.1

Ngenkathi ye-IPv6:

2606:4700:4700::1111,2606:4700:4700::1001

Ngemuva kokumisa isoftware ye-DNSCrypt, kubaluleke kakhulu ukuqala kabusha umphathi wenethiwekhi ngomyalo olandelayo.

Solo vele uthayiphe:

sudo systemctl restart NetworkManager.service

Izilungiselelo eziyisisekelo ezivumela ithuluzi le-DNSCrypt ukuthi zisebenze sezikhona. Into yokugcina okufanele uyenze ukufaka iphrofayili ye-DNS kulayini womyalo.

sudo dnscrypt-proxy -R cloudflare-dns.com

Futhi yilokho, sebevele basebenzisa le nsizakalo enhle ezinhlelweni zabo. Uma ufuna ukumisa insiza ye-DNSCrypt, vele uthayiphe umyalo olandelayo

sudo systemctl stop dnscrypt-proxy.service

Y ukuyikhubaza ngokuphelele, futhi uyivimbele ekusebenzeni ekuqaleni, vele uthayiphe:

sudo systemctl disable dnscrypt-proxy.service

Ungathola imininingwane eminingi kuwebhu, ukuthi ungayilungisa kanjani i-DNSCrypt, kanye nezinsizakalo ezahlukahlukene ze-DNS ezingasetshenziswa kuyo, vele ubheke i-DNSCript Wiki. Uma ufuna ukwazi kabanzi ngayo, ungaxhumana lesi sixhumanisi futhi futhi lokhu okunye.


Amazwana ayi-2, shiya okwakho

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   I-MarkVR kusho
    kwenza iminyaka 6

    Sawubona. Indatshana enhle. Futhi kuyathakazelisa njengokuvikela ukuhlaselwa kweMitM. Kepha kunginikeza iphutha elilandelayo "[ERROR] Ukungasombululi okuqanjwe nge- [cloudflare-dns.com] okutholakala ku [/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv] ohlwini" lapho ufaka umyalo Sudo dnscrypt-proxy - R cloudflare-dns.com.
    Bheka ifayela le-dnscrypt-resolutionvers.csv kanye ne-DNS CloudFlare engekho ohlwini.
    Kungenzeka yini ukuthi ayivuselelwa noma ukuthi ngasizathu simbe ayibekwanga?

    Ngiyabonga

    Phendula uMarkVR
  2.   Gregory kusho
    kwenza iminyaka 6

    Ngicabanga ukuthi i- "cloudflare-dns.com" ibhekisa kuseva ye-DNS ozoyisebenzisa esikhundleni se-IPS DNS

    Phendula uGregory