Since
Internet is full of virtual threats, availing DNS security is must to ensure smooth and safer
computing operations. Tech geeks claim that DNS networks serve as the possible entry point for
vulnerabilities, and they may damage your computers to an irreparable extent.
You can easily install the latest security tool- DNSCrypt to enjoy encrypted Internet browsing experience. The
security utility not only encrypts your inward or outward network traffic, but
also helps to avoid some major security breaches that may lead to serious
frauds. The tool is capable of securing communications between a client and a
DNS resolver to ensure that no sensitive data or information goes into the
wrong hands. The utility uses elliptic-curve cryptography and protects your
device and identity by encrypting web traffic, the way the SSL turns HTTP into
HTTPS. Read the blog to know how to install the tool on OpenWrt for beginners:
Steps for Installing the Tool on Your
Computers
Stage1. Installing the Utility on OpenWrt
• Open the OpenWrt’s ‘LuCI Web’ Interface and select ‘System – Software’ tab
• Click the ‘Update List’ option and wait for window to appear
• Type ‘dnscrypt-proxy’ in ‘Download and Install Packages’ field
• Click ‘OK’ and wait until the process gets completed.
If you’re using x86 Platforms, then try the following steps to install the tool:
•
Type the following commands to install the
utility:
A. cd /tmp wget
B. https://downloads.openwrt.org/snapshots/trunk/x86/packages/packages/dnscrypt-proxy_1.4.1-1_x86.ipk
C. opkg install dnscrypt-proxy*.ipk
D. rm -f dnscrypt-proxy*ipk
OR
•
Enter these commands to install the CACert SSL
certificates
A. mkdir -p /etc/ssl/certs/
B. wget -P /etc/ssl/certs/ http://curl.haxx.se/ca/cacert.pem
• Now, Install libsodium by typing these commands
A. cd /tmp
B. curl -OL --cacert /etc/ssl/certs/cacert.pem https://github.com/damianorenfer/libsodium-openwrt/raw/master/openwrt/bin/x86/libsodium_0.4.5-1_x86.ipk
C. opkg install libsodium_0.4.5-1_x86.ipk
D. rm -f libsodium*.ipk
• And, finally install dnscrypt-proxy for Barrier Breaker
A. cd /tmp
B. curl -OL --cacert /etc/ssl/certs/cacert.pem https://github.com/damianorenfer/dnscrypt-proxy-openwrt/raw/master/bin/x86/packages/dnscrypt-proxy_1.4.0-1_x86.ipk
C. opkg install dnscrypt-proxy_1.4.0-1_x86.ipk
D. rm -f dnscrypt-proxy*.ipk
Stage2: Check Successful Installation of ‘dnscrypt-proxy’
•
Type {opkg status | grep -n "dnscrypt-proxy"} command
to check if dnscrypt-proxy
already installed or not
•
The command will show the following results:
“217:Package: dnscrypt-proxy
224: /etc/config/dnscrypt-proxy
7524801bccfc5504202a7c469f9fbc51”
•
If it doesn’t display anything, there might be
any problem with the installation of the tool.
Stage3: Configure the Tool to Work Properly
•
Find in ‘initscript – dnscrypt-proxy’ section and click ‘Enable’
button to start the service
•
Now, you will need to configure OpenWrt to send
DNS request to dnscrypt
address
•
Select ‘Network’ tab and go to the ‘DHCP and
DNS’ section
•
Select ‘General Setting’ tab and click the ‘DNS
Forwardings’ option
•
Fill the both columns with ‘127.0.0.1#2053’ and
‘/pool.ntp.org/208.67.222.222’ details
•
Select ‘Resolv and Hosts File’ section and
checkmark the ‘Ignore Resolve File’ option
•
Press ‘Save & Apply’ option to make the
changes
•
Now, restart your router and select the ‘System
– Startup’ tab
•
Find the ‘initscript – dnsmasq’ and click
‘Restart’ option.
Stage4. Test the Tool to Confirm Encrypted Internet Browsing Experience
•
Run the following commands in SSH to test that
the tool is working properly on router:
“logread | grep -n
"using nameserver"
“logread | grep
"Proxying from"
•
If the utility has successfully installed, it
will showcase the following results:
“132:Jan 1 01:01:00 openwrt daemon.info dnsmasq[1883]:
using nameserver 208.67.222.222#53 for domain pool.ntp.org
133:Jan 1 01:01:00 openwrt daemon.info dnsmasq[1883]:
using nameserver 127.0.0.1#2053
Jul 1 12:00:00 openwrt
daemon.info dnscrypt-proxy[1831]:
Proxying from 127.0.0.1:2053 to 208.67.220.220:443”
•
If you’re using a Windows PC, open Command
Prompt and run the following commands:
nslookup
set type=txt
debug.opendns.com
•
Linux OS users will need to open Terminal and
type the “dig txt debug.opendns.com” command
•
If the results portray “dnscrypt enabled (7165343751484877)” messages,
then you and your computing operations are secured.
Conclusion
Many
of you may think that adopting DNS security tips isn’t that important, but you should consider
it as an additional responsibility to safeguard your device and identity from
cyber attacks. You should install
DNS tool to enjoy the encrypted
internet browsing environment and to secure your DNS networks. The tool can efficiently
prevent you from leading cyber crimes including spying, spoofing, and
man-in-the-middle attacks. So install DNSCrypt right now and browse through a protected yet secure
online network!
No comments:
Post a Comment