We are still actively working on the spam issue.
Difference between revisions of "DNSCrypt"
(Stub) |
(Added instructions to de-botnet dnscrypt-proxy) |
||
| Line 18: | Line 18: | ||
Pick a server from [http://dnscrypt.org/ dnscrypt.org] and take note of the Server address, Provider name, and Public key. | Pick a server from [http://dnscrypt.org/ dnscrypt.org] and take note of the Server address, Provider name, and Public key. | ||
# sudo dnscrypt-proxy --daemonize --resolver-address=<Server address> --provider-name=<Provider name> --provider-key=<Public key> | # sudo dnscrypt-proxy --daemonize --resolver-address=<Server address> --provider-name=<Provider name> --provider-key=<Public key> | ||
| + | |||
| + | ==== Remove systemd as a dependancy ==== | ||
| + | In version 1.6 systemd can be removed from the software by leaving its references out of the <code>configure</code> document before compiling. | ||
| + | Relevant lines can be found around 3258 to 3288 of the <code>configure</code> document. | ||
| + | End result should look something like this: | ||
| + | #MANUAL SYSTEMD PATCH. GO AWAY NSA. | ||
| + | have_systemd=no | ||
| + | HAVE_SYSTEMD_TRUE= | ||
| + | HAVE_SYSTEMD_FALSE='#' | ||
| + | |||
| + | # Check whether --with-systemd was given. | ||
| + | #if test "${with_systemd+set}" = set; then : | ||
| + | # withval=$with_systemd; | ||
| + | #fi | ||
| + | # | ||
| + | #if test "x$with_systemd" = "xyes"; then : | ||
| + | # | ||
| + | # PKG_CHECK_MODULES(SYSTEMD, libsystemd, have_systemd=yes, | ||
| + | # PKG_CHECK_MODULES([SYSTEMD_DAEMON], [libsystemd-daemon], [have_systemd=yes], [have_systemd=no]) | ||
| + | # ) | ||
| + | # case $with_systemd:$have_systemd in #( | ||
| + | # yes:no) :=== Linux === | ||
| + | ==== From Source ==== | ||
| + | # git clone git://github.com/jedisct1/dnscrypt-proxy.git | ||
| + | # cd dnscrypt-proxy | ||
| + | # ./autogen.sh | ||
| + | # ./configure --prefix=/usr | ||
| + | # make | ||
| + | # sudo make install | ||
| + | # sudo nano /etc/resolv.conf | ||
| + | Remove all lines starting with "nameserver" and add "nameserver 127.0.0.1" and save the file. | ||
| + | Pick a server from [http://dnscrypt.org/ dnscrypt.org] and take note of the Server address, Provider name, and Public key. | ||
| + | # sudo dnscrypt-proxy --daemonize --resolver-address=<Server address> --provider-name=<Provider name> --provider-key=<Public key> | ||
| + | |||
| + | ==== Remove systemd as a dependancy ==== | ||
| + | In version 1.6 systemd can be removed from the software by leaving its references out of the <code>configure</code> document before compiling. | ||
| + | Relevant lines can be found around 3258 to 3288 of the <code>configure</code> document. | ||
| + | End result should look something like this: | ||
| + | #MANUAL SYSTEMD PATCH. GO AWAY NSA. | ||
| + | have_systemd=no | ||
| + | HAVE_SYSTEMD_TRUE= | ||
| + | HAVE_SYSTEMD_FALSE='#' | ||
| + | |||
| + | # Check whether --with-systemd was given. | ||
| + | #if test "${with_systemd+set}" = set; then : | ||
| + | # withval=$with_systemd; | ||
| + | #fi | ||
| + | # | ||
| + | #if test "x$with_systemd" = "xyes"; then : | ||
| + | # | ||
| + | # PKG_CHECK_MODULES(SYSTEMD, libsystemd, have_systemd=yes, | ||
| + | # PKG_CHECK_MODULES([SYSTEMD_DAEMON], [libsystemd-daemon], [have_systemd=yes], [have_systemd=no]) | ||
| + | # ) | ||
| + | # case $with_systemd:$have_systemd in #( | ||
| + | # yes:no) : | ||
| + | # as_fn_error $? "systemd expected but libsystemd not found" #"$LINENO" 5 ;; #( | ||
| + | # *:yes) : | ||
| + | # | ||
| + | #$as_echo "#define HAVE_LIBSYSTEMD 1" >>confdefs.h | ||
| + | # | ||
| + | # ;; #( | ||
| + | # *) : | ||
| + | # ;; | ||
| + | #esac | ||
| + | # | ||
| + | #fi | ||
| + | # if test "x$have_systemd" = "xyes"; then | ||
| + | # HAVE_SYSTEMD_TRUE= | ||
| + | # HAVE_SYSTEMD_FALSE='#' | ||
| + | #else | ||
| + | # HAVE_SYSTEMD_TRUE='#' | ||
| + | # HAVE_SYSTEMD_FALSE= | ||
| + | #fi | ||
| + | Now run <code>sudo ldconfig</code> and <code>./configure</code>, then <code>make</code> and finally <code>sudo checkinstall</code>. This will produce a .deb package, and install it on the system. | ||
| + | This procedure was performed and tested on Debian 7.3 Wheezy running kernel 3.2. | ||
| + | |||
| + | # as_fn_error $? "systemd expected but libsystemd not found" #"$LINENO" 5 ;; #( | ||
| + | # *:yes) : | ||
| + | # | ||
| + | #$as_echo "#define HAVE_LIBSYSTEMD 1" >>confdefs.h | ||
| + | # | ||
| + | # ;; #( | ||
| + | # *) : | ||
| + | # ;; | ||
| + | #esac | ||
| + | # | ||
| + | #fi | ||
| + | # if test "x$have_systemd" = "xyes"; then | ||
| + | # HAVE_SYSTEMD_TRUE= | ||
| + | # HAVE_SYSTEMD_FALSE='#' | ||
| + | #else | ||
| + | # HAVE_SYSTEMD_TRUE='#' | ||
| + | # HAVE_SYSTEMD_FALSE= | ||
| + | #fi | ||
| + | Now run <code>sudo ldconfig</code> and <code>./configure</code>, then <code>make</code> and finally <code>sudo checkinstall</code>. This will produce a .deb package, and install it on the system. | ||
| + | This procedure was performed and tested on Debian 7.3 Wheezy running kernel 3.2. | ||
=== Windows === | === Windows === | ||
Revision as of 00:47, 26 August 2015
This dongle is a DNSCrypt acts as a local DNS resolver and uses elliptic-curve cryptography when passing messages to and from the DNS server. This is extremely useful for mitigating MITM attacks on DNS. Only a few servers are known to currently support DNSCrypt, however, adoption is growing.
Note: if you install DNSCrypt, be sure to change the server it's using to something other than OpenDNS, as OpenDNS is known to hijack and block certain domains by default. Also be sure to change your DNS server address to that of the local resolver (usually 127.0.0.2 or 127.0.0.1).
Contents
Installation
Linux
From Source
# git clone git://github.com/jedisct1/dnscrypt-proxy.git # cd dnscrypt-proxy # ./autogen.sh # ./configure --prefix=/usr # make # sudo make install # sudo nano /etc/resolv.conf Remove all lines starting with "nameserver" and add "nameserver 127.0.0.1" and save the file. Pick a server from dnscrypt.org and take note of the Server address, Provider name, and Public key. # sudo dnscrypt-proxy --daemonize --resolver-address=<Server address> --provider-name=<Provider name> --provider-key=<Public key>
Remove systemd as a dependancy
In version 1.6 systemd can be removed from the software by leaving its references out of the configure document before compiling.
Relevant lines can be found around 3258 to 3288 of the configure document.
End result should look something like this:
#MANUAL SYSTEMD PATCH. GO AWAY NSA.
have_systemd=no
HAVE_SYSTEMD_TRUE=
HAVE_SYSTEMD_FALSE='#'
# Check whether --with-systemd was given.
#if test "${with_systemd+set}" = set; then :
# withval=$with_systemd;
#fi
#
#if test "x$with_systemd" = "xyes"; then :
#
# PKG_CHECK_MODULES(SYSTEMD, libsystemd, have_systemd=yes,
# PKG_CHECK_MODULES([SYSTEMD_DAEMON], [libsystemd-daemon], [have_systemd=yes], [have_systemd=no])
# )
# case $with_systemd:$have_systemd in #(
# yes:no) :=== Linux ===
From Source
# git clone git://github.com/jedisct1/dnscrypt-proxy.git # cd dnscrypt-proxy # ./autogen.sh # ./configure --prefix=/usr # make # sudo make install # sudo nano /etc/resolv.conf Remove all lines starting with "nameserver" and add "nameserver 127.0.0.1" and save the file. Pick a server from dnscrypt.org and take note of the Server address, Provider name, and Public key. # sudo dnscrypt-proxy --daemonize --resolver-address=<Server address> --provider-name=<Provider name> --provider-key=<Public key>
Remove systemd as a dependancy
In version 1.6 systemd can be removed from the software by leaving its references out of the configure document before compiling.
Relevant lines can be found around 3258 to 3288 of the configure document.
End result should look something like this:
#MANUAL SYSTEMD PATCH. GO AWAY NSA.
have_systemd=no
HAVE_SYSTEMD_TRUE=
HAVE_SYSTEMD_FALSE='#'
# Check whether --with-systemd was given.
#if test "${with_systemd+set}" = set; then :
# withval=$with_systemd;
#fi
#
#if test "x$with_systemd" = "xyes"; then :
#
# PKG_CHECK_MODULES(SYSTEMD, libsystemd, have_systemd=yes,
# PKG_CHECK_MODULES([SYSTEMD_DAEMON], [libsystemd-daemon], [have_systemd=yes], [have_systemd=no])
# )
# case $with_systemd:$have_systemd in #(
# yes:no) :
# as_fn_error $? "systemd expected but libsystemd not found" #"$LINENO" 5 ;; #(
# *:yes) :
#
#$as_echo "#define HAVE_LIBSYSTEMD 1" >>confdefs.h
#
# ;; #(
# *) :
# ;;
#esac
#
#fi
# if test "x$have_systemd" = "xyes"; then
# HAVE_SYSTEMD_TRUE=
# HAVE_SYSTEMD_FALSE='#'
#else
# HAVE_SYSTEMD_TRUE='#'
# HAVE_SYSTEMD_FALSE=
#fi
Now run sudo ldconfig and ./configure, then make and finally sudo checkinstall. This will produce a .deb package, and install it on the system.
This procedure was performed and tested on Debian 7.3 Wheezy running kernel 3.2.
# as_fn_error $? "systemd expected but libsystemd not found" #"$LINENO" 5 ;; #( # *:yes) : # #$as_echo "#define HAVE_LIBSYSTEMD 1" >>confdefs.h # # ;; #( # *) : # ;; #esac # #fi # if test "x$have_systemd" = "xyes"; then # HAVE_SYSTEMD_TRUE= # HAVE_SYSTEMD_FALSE='#' #else # HAVE_SYSTEMD_TRUE='#' # HAVE_SYSTEMD_FALSE= #fi
Now run sudo ldconfig and ./configure, then make and finally sudo checkinstall. This will produce a .deb package, and install it on the system.
This procedure was performed and tested on Debian 7.3 Wheezy running kernel 3.2.
