DNSCrypt Proxy – How to encrypt DNS traffic to prevent MITM attacks
2021-4-16 22:12:2 Author: kalitut.com(查看原文) 阅读量:20 收藏

Why we need DNSCrypt Proxy ? DNS traffic encryption is recommended to prevent leaks and MITM attacks, as a result of which an attacker can intercept your traffic, including passwords with logins.

dnscrypt-proxy

This is most likely to happen in places where there is free WIFI, and it is not excluded in apartment buildings.
For this reason it is better to play it safe, especially since it is not difficult to encrypt your DNS traffic. in this article I would like to talk about one tool that will help you encrypt all network traffic , this tool is DNSCrypt.

DNSCrypt is a network protocol that authenticates and encrypts Domain Name System (DNS) traffic between a user’s computer and recursive name servers.

What is DNS

The Domain Name System (DNS) is the equivalent of an Internet address book. When you visit cloudflare.com or any other site, your browser asks the DNS resolver for the IP address of that website. Unfortunately, DNS queries and responses at this time are usually defenseless. Encrypting DNS improves user privacy and security.

Almost every action taken on the Internet translates a domain name into an IP address.
It begins with a Main Name System (DNS) request. DNS is an internet for humans
It makes the game faster and more efficient, and greatly improves the movement between sites, but it is open and ubiquitous.

Due to its sloppy nature, it is essentially time to abuse it. Intelligence in DNS itself
Requests for harmless domains and requests for malicious domains due to lack of functionality

Will also be resolved.
Cybercriminals can exploit these recursive DNS vulnerabilities to harm enterprises / malware, Launch ransomware campaigns, phishing attacks, and data theft. User, device, Moves, applications, and data out of traditional enterprise boundaries and control areas. As a result, the target of attacks is expanding.

install dnscrypt-proxy

And so, if you are thinking about encrypting your DNS traffic, let’s move on to the installation, first you need to install DNSCrypt. In most cases, this utility is present in the repositories of some distributions. And we’ll start by installing it on Kali Linux distribution:

install dnscrypt proxy in kali Linux

sudo apt install dnscrypt-proxy
install dnscrypt-proxy

To install dnscrypt in Fedora

sudo dnf install dnscrypt-proxy

install dnscrypt in Ubuntu

Regarding the installation of DNSCrypt in the Ubuntu distribution, it is worth making a reservation that you can install both from the official repository and connect the PPA, which in fact we will do:

sudo add-apt-repository ppa: shevchuk / dnscrypt-proxy

Now we update the package lists and install DNSCrypt:

sudo apt update
sudo apt install dnscrypt-proxy

install dnscrypt in Manjaro

sudo pacman -S dnscrypt-proxy

Configuring DNSCrypt Proxy in kali linux

After installing DNSCrypt Proxy, we proceed to the configuration, in fact, you can leave the servers that are used by default. And you can replace it with your own, this is an individual matter, in order to change the server we open the configuration file, for example I will use the text editor “Nano”.

sudo nano /etc/dnscrypt-proxy/dnscrypt-proxy.toml
dnscrypt-proxy.toml

In the window that opens, to change the server, look for the line “server_names”, uncomment it and enter the DNS servers you want to use. After editing the configuration file, save it with the “ctrl + x” key combination and exit the “Nano” editor with the “ctrl + x” key combination.
Go to the IPV4 network settings change method to Automatic (DHCP) addresses only

Automatic (DHCP) addresses

We do the same in Manjaro, go to the network settings, turn off “Automatic” and enter “127.0.2.1”. Now we restart the “NetworkManager” and “DNSCrypt-Proxy” services:

sudo systemctl restart NetworkManager
sudo systemctl restart dnscrypt-proxy

There are several ways to check whether your traffic is encrypted, but the easiest is to go to the “ DNSLeak.com ” website , click on the “START” button and if you see your provider’s DNS, then DNS traffic is leaking. And if the check results contain servers that are specified in the “DNSCrypt-Proxy” settings, then the traffic is encrypted.

encrypt DNS traffic

Conclusion

In conclusion, I would like to note that to protect your traffic, it is recommended to use VPN as well, in other words, it is a complex of protection. Moreover, you can use a free VPN, for example ProtonVPN, or raise your server, for example, on WireGuard . 

I myself use the “Stubby” utility to encrypt DNS traffic , leave the settings by default, but decide for yourself what to choose. In any case, do not neglect your security on the network, especially since it is not so difficult to organize it in our time and there are enough services for this, both paid and free. More details about this utility can be found on the official website .


文章来源: https://kalitut.com/dnscrypt-proxy-encrypt-traffic/
如有侵权请联系:admin#unsafe.sh