DWQA QuestionsCategory: ServerWhat is a good solution to DNS hijacking under Linux
hit9 asked 1 week ago

Linux seems to use ISP vendor’s dns, even if it modifies itself to google’s 8.8.8 or 8.8.4.4He was found to have been hijacked by 114 people. He was very angry.

3 Answers
yegle answered 1 week ago

Nouns are not clear.So-calleddns hijackingThat is to say, after issuing DNS query request to DNS A, DNS B returns the query result in advance in the middle. This intermediate query result is not necessarily wrong, but may be correct (some small operators may redirect to an intermediate cache server for acceleration). DNS hijacking is called DNS hijacking, in which DNS query requests are initiated from inside the wall to outside the GFW to return incorrect results.Another common idea is thatdns hijackingCallNXDOMAIN Hijacking。 Is to initiate a non-existent domain name query to DNS A, DNSA should have returnedNXDOMAINThat is, non-existing domain, which actually returns a DNS vendor’s own IP for advertising or for guiding users to the correct domain name.The last one is so-called.DNS cache poisoningBased ondns hijackingOn the basis of. When a DNS server initiates a recursive querydns hijackingThen the query results are cached on this DNS server, resulting in incorrect results. When inquiring a contaminated domain name from a domestic DNS server in the wall, an incorrect result is returned. This is calledDNS cache poisoningSo for an existenceDNS cache poisoningandNXDOMAIN HijackingDNS service provider, you asked it not to return the wrong result, which is too difficult for it?

TechliveZheng replied 1 week ago

Some browsers (such as Firefox) also cache DNS results of some domain names. If the upstream DNS server is contaminated, it is necessary to clear the cache of the browser to see the effect after changing the DNS server settings. This is the main reason for this problem.

Yin_Ch3ng answered 1 week ago

It seems that I can’t find any way to solve this problem at present. You can pay attention to “GFW dns” under the article search on GFW.

hit9 answered 1 week ago

Okay, I’ve solved it myself. I found that only Firefox works under linux. Chroom* doesn’t. So I think that’s why FF works.
Get into

about:config

find

network.proxy.socks_remote_dns

Set to true
If so, install a Firefox plug-in to clear the DNS cache: DNS Cachehttps://addons.mozilla.org/en-US/fire…