hijacking DNS server
Eugen Leitl
eugen at leitl.org
Tue Sep 23 12:26:35 UTC 2008

On Mon, Sep 22, 2008 at 05:42:14PM +0200, Eugen Leitl wrote:
> 
> Howdy,
> 
> finally gotten around to trying to get Tor (nonbundle) up on a sacrificial
> G4 Mac Mini (Leopard).
> 
> Unfortunately my crappy ISP does DNS hijacking:
> 
> Sep 22 17:18:25.266 [notice] Your DNS provider gave an answer for "2vc5wruir", which is not supposed to exist.  Apparently they are hijacking DNS failures. Trying to correct for this.  We've noticed 1 possibly bad addresses so far.
> 
> Tor apparently tries a workaround, but I've been fed up with the
> ISP's shenanigans for some time already, so I'd like to fix it for all.
> Unfortunately, I don't have a low-power Linux box for bind, so it
> has to be OS X for the moment.
> 
> Is there a simple way to enable BIND on Leopard (not Server), or would
> I have to splurge $15 for the DNS Enabler?

Update: problem solved. There's a named (BIND) already installed on
OS X Leopard. You'll need to combine information from

http://www.macosxhints.com/article.php?story=20050420025219402
http://forums.macrumors.com/showthread.php?t=562590
http://pivots.pivotallabs.com/users/chad/blog/articles/507-enabling-the-postfix-mail-daemon-on-leopard

to make it work.

Specifically (issue as sudo, or as root):

# rndc-confgen > /etc/rndc.conf
  /* creates rndc.conf and generates key */

# head -n 6 /etc/rndc.conf > /etc/rndc.key
  /* parses the key into the proper file */

put into /System/Library/LaunchDaemons/org.isc.named.plist
(at the bottom, in the 'dict' element):

<key>RunAtLoad</key>
<true></true>
<key>OnDemand</key>
<false></false>

# launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist

Use system preferences to make 127.0.0.1 your nameserver. There
should no longer be warnings like

Sep 23 13:49:30.189 [notice] Your DNS provider gave an answer for "wiban75uk5s", which is not supposed to exist.  Apparently they are hijacking DNS failures. Trying to correct for this.  We've noticed 1 possibly bad addresses so far.

in tail -f /var/log/tor.log

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
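
Added example (not part of the original post and not Tor's own code): a small Python check, in the spirit of the test the Tor log message describes, that resolves random names which must not exist and reports any that get an answer. It can be run before and after pointing the system at 127.0.0.1. The `.invalid` suffix (a reserved TLD) and all function names are choices made for this sketch.

```python
import secrets
import socket
import string

ALPHABET = string.ascii_lowercase + string.digits


def random_name(length=10, suffix=".invalid"):
    """Return a random hostname that should not exist (constructed probe name)."""
    label = "".join(secrets.choice(ALPHABET) for _ in range(length))
    return label + suffix


def system_resolve(name):
    """Resolve via the OS resolver; return a set of addresses, empty on failure."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def check_hijack(resolve=system_resolve, probes=5):
    """Probe several nonexistent names; map each answered name to its addresses.

    An empty dict means every lookup failed, as it should. The same address
    returned for unrelated random names is the usual sign that the resolver
    rewrites failures into a redirect.
    """
    answered = {}
    for _ in range(probes):
        name = random_name()
        addrs = resolve(name)
        if addrs:
            answered[name] = sorted(addrs)
    return answered


def summarize(answered):
    """Return (hijacked?, sorted list of all addresses seen in the answers)."""
    seen = sorted({a for addrs in answered.values() for a in addrs})
    return bool(answered), seen


if __name__ == "__main__":
    hijacked, addrs = summarize(check_hijack())
    print("DNS failures are being hijacked:" if hijacked else "NXDOMAIN intact", addrs)
```

With the local named in place as the system resolver, the script should report "NXDOMAIN intact".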
    
    