The Domain Name System (DNS) is a pervasive component of our
computing and Internet. We do not realize its existence even though we use it
all the time. It acts like the phone book of the Internet where it translates
computer hostnames that are readable by human to IP addresses. The DNS server
stores DNS records of domain names. Hence, it is of importance to the user by
locating services on the network.. It is a technology that like all other
systems and also network protocols is vulnerable to attacks. You need to secure DNS because of its
huge role and importance.
The DNS is prone to attacks such as Cache poisoning where DNS attacks exploit
vulnerabilities in the DNS
security to add wrong addressing information to the caches. Because of
it when you access the cache to go to a site you will instead find yourself on
a different server controlled by attackers. Though, DDOS are not specific to
the DNS, it is still vulnerable to the Distributed Denial of Service attack
that results from the infrastructure of the DNS not being able to handle the
amount of requests received. Another threat is of the Register Hijacking where
attackers compromise the chosen registrar on your account and in the process
gaining control of the domain name. This and other modes of threats mean that
you have to prevent your servers against DNS attacks. The OpenDNS have come up with a
software that serves to secure the protocol from future threats.
The security program provides an added security level
solution on Windows and Mac where it is used as a form of DNS security. It encrypts
the DNS by creating a connection that is encrypted to the DNS servers then it
creates a DNS proxy in your computer. Therefore, when you try to access a site,
the browser sends a DNS query to a local host address. Now, the request gets
forwarded to a DNS server through the connection which is encrypted. The DNS
information gives a complete account on the internet activity, the domains, and
all the servers that you made the connection to hence are very valuable. By
encrypting hence, making sure of a secure DNS, the spies who are in the middle of eavesdropping on
your connection get blocked from accessing your information.
How to Get DNSCrypt?
The package is available free and can get downloaded from
the official website. From the main site choose DNSCrypt Proxy ZIP package for Windows and download
it. Configuring it on your computer is easy.
How to Install?
The software works where there are OpenDNS setting therefore
before installing set the internet connection so that OpenDNS gets used as the
provider.
1. Once the internet settings get configured, from the
downloaded package, extract the folder contained in it and put it in a drive on
your computer and then rename it to “DNSCrypt.”
2. Open the command prompt as an administrator
3. When you have opened the command prompt, go to the folder
named “bin” inside the folder that you extracted, that is the DNSCrypt folder. You can do
it by providing the path to the drive and folder in which it gets stored. For example:
c:\name\dnscrypt\bin.
4. Enter the command “DNSCrypt-proxy.exe which will install the program.
5. After executing, you should get a message to confirm the success
along with information on the registry key used and settings on the DNS
resolver that you have to change.
6. Press “Win + X” then choose “Network Connections” that
will open the Network connection pane. For those using Windows 7 and Vista, go
to “Network and Sharing Centre.”
7. Right-click on the network adapter then choose
“properties,” this opens the properties window where you scroll down to
“internet protocol version 4 (TCP/IPv4)” and select the Properties button.
8. Click on the button “use the following DNS server
addresses” where you enter 127.0.0.1 localhost address as the preferred DNS.
9. Once it is done click on the button “OK.”
Conclusion
Encryption of the DNS server is sensible and advisable more
so if you are getting access to the internet through public connections. The
virtual private network can be used as an additional measure when you use a
public network and where you do not have full control of the network. The
software does not reduce the speed of your browser and neither does it use many
resources from your machine while it does its duty to give you a secure DNS.
No comments:
Post a Comment