Testing Intelligent Routing with DNS Servers

I really do not care. DNS and IP address are old technology which will soon be replaced by Blockchain, get ready to know all the secrets why I say it is totally not secure.

Methods used to mask IP addresses:

1) VPN Servers

2) Proxy Servers

3) Brand Protect Servers

4) Masking IP address

How to check on the internet.

DNS Propegation Checker https://whatsmydns.net

Connection to VPN. You can see if your original ISP IP address is masked or not. https://speedtest.net

https://mxtools.com

https://wireshark.org

https://www.dnsstuff.com/packet-sniffers

What is 1.1.1.1?

1.1.1.1 is a fast and private way to browse the Internet. It is a public DNS resolver, but unlike most DNS resolvers, 1.1.1.1 is not selling user data to advertisers. The implementation of 1.1.1.1 makes it the fastest resolver out there.

What is DNS?

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

What makes 1.1.1.1 more secure than other public DNS services?

Some other recursive DNS services may claim that their services are secure because they support DNSSEC. While this is a good security practice, users of these services are ironically not protected from the DNS companies themselves. Many of these companies collect data from their DNS customers to use for commercial purposes. Alternatively, 1.1.1.1 does not mine any user data. Logs are kept for 24 hours for debugging purposes, then they are purged.

1.1.1.1 also offers some security features not available from many other public DNS services, such as query name minimization. Query name minimization diminishes privacy leakage by only sending minimal query names to authoritative DNS servers.

What makes 1.1.1.1 the fastest recursive DNS service?

The power of the Cloudflare network gives 1.1.1.1 a natural advantage in terms of delivering speedy DNS queries. Since it has been deployed on Cloudflare’s 1000+ servers worldwide, users anywhere in the world will get a quick response from 1.1.1.1; in addition to this, these servers have access to the over 20 million+ Internet properties on the Cloudflare platform, making queries for those domains lightning-fast.

In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site that seems to contain information or a resource of value to attackers, but actually, is isolated and monitored and, enables blocking or analyzing the attackers. This is similar to police sting operations, colloquially known as “baiting” a suspect.[1]

https://en.wikipedia.org/wiki/Honeypot_(computing)

5

New Privacy controls for phone

New Privacy controls for phone

1) Able to link to a Do Not Call database

2) It is beyond a TrueCaller database where all the spam calls are compiled in a master database so you can decide to accept or reject the call.

3) You can turn on a feature that only accepts calls from your contact list.

4) If a call is masked or faked, the origins of the country will be revealed by software. GPS location can also be enabled.

5) If you receive an unwanted call you can marked it in your own phone and next time the person will be placed in a blacklist that cannot call into your phone.

6) The market for this phone features that is incorporated will be in the billions, you can decide to add to your flagship phone or incorporate it as an app.

7) With 5G phones you can decide how to route your SMS or calls thru any carriers, the fastest of every route or the cheapest route of any country or any 4G or 5G networks. Yes you can also use mapping like a DNS mapping of all carriers including if the call is via satellite and you can store and forward in case of a failure in any networks.

8) The price of data will drop and drop, Eventually all voice calls and messages will be routed thru the internet.

Using an automated script to hack every DNS Server and use it to attack a target

Downloads37719.zip

Using an automated script to hack every DNS Server and use it to attack a target

I regularly receive reader mail that presents some interesting problems and solutions. Many articles, and consequently scripts, focus on automating the setup and configuration of Microsoft Internet Information Services (IIS) 5.0 Web sites. I’ve written many such articles and scripts and even shown readers how to use Windows Management Instrumentation (WMI) to set up and configure IIS 5.0 remotely. (The WMI Web-exclusive article and code are available at http://www.winnetmag.com, InstantDoc ID 9100.)

By creating a script to automate the DNS setup and configuration, Adam has saved himself a lot of time in the routine process of creating new Web sites. Let’s look at the inner workings of the script so that you can use it in your own shop. You can download the code from http://www.winscriptingsolutions.com, InstantDoc ID 37719. For an alternative approach that uses WMI, see the sidebar “Using WMI to Automatically Configure DNS,” page 2.

Deconstructing DNS
To learn the DNS structure, Adam used the Microsoft Management Console (MMC) ADSI Edit snap-in from the Microsoft Internet Information Server Resource Kit**. ADSI Edit lets you view all the attributes for each DNS object and, in turn, look up each DNS object on the Microsoft Developer Network (MSDN). For example, you can find the Dns-Node attributes listed at http://msdn.microsoft.com/library/default.asp? url=/library/en-us/adschema/ad/win2k_c_dnsnode.asp. (Dns-Nodes are the Active Directory—AD—components that store the DNS resource records for each host.) After Adam identified the DNS structure, all he had to do was look at the values for each attribute and determine how to write the new values. However, determining the new values isn’t as simple as it might seem.**

Microsoft stores all DNS data in Octet-string format, which might be a “hangover” from UNIX because no other data in the Microsoft platform is persisted in structured storage in Octet format. Using Active Directory Service Interfaces (ADSI) to query the data is simple, but the data is virtually unreadable in Octet format. Fortunately, a COM component known as ArrayConvert, which is available at http://support.microsoft.com/?kbid=250344, lets you convert Octet data to hexadecimal data and vice versa. After the data is in hex format, converting it to decimal is a simple process.

Ads.dll, the library file containing the ArrayConvert function, is easy to install. You must first download the executable that contains the COM component and run the file to extract the necessary files to a specified location. To use the functions within the COM component from VBScript, you register the ads.dll COM component by clicking Start, Run and typing

Regsvr32 <path>/Ads.dll

where path is the location in which you saved the extracted files.

After Adam converted the DNS data from Octet format to hex format and then converted the hex format to decimal format, the data was readable and, consequently, easier to work with. Most DNS zones have a host (A) record that adds the www prefix to the domain. The only coded information in the data for this type of entry is the IP address and the serial number. The name of the record provides the www prefix. So, for example, the DNS zone for VisitCancun.com has a host (A) record named www that maps to the IP address 208.49.55.66. This mapping lets a user type www.VisitCancun.com into a browser. If the name of the host (A) record were different (e.g., www3), the user would need to type www3.VisitCancun.com to return the mapped IP address.

The rest of the data contains values that remain the same on different servers and different domains, so the decimals wouldn’t change. Rather, they appear to identify the record as a host (A) record. For Adam’s purposes, the DNS zone also required an MX record, which tells querying computers where to look for that domain’s mail. The data for these records was stored in Octet format, but the values were much longer than the host (A) records’ and took more time and patience to figure out.

Many of the decimals were related to the mail server’s name: Some were the ASCII representation of its letters, others represented the number of characters in each segment (not including the decimals because they segment the name), and one represented the overall length of the mail server’s name. Other decimals stood for the serial number, the mail server priority, and the IP address, and some decimals never change. Adam identified all the decimals by comparing different hex strings and through simple trial and error. He simplified the entire process by adding a section of variables at the top of the script that you can easily modify to meet your needs.

Dns.vbs
The dns.vbs script opens a connection directly into Microsoft DNS and creates all the information necessary for a new Web site, including a new DNS forward lookup zone, an MX record, and four hosts. Each host links a name to an IP address. The script defaults to setting up a parent host named foo.com, a WWW host named www.foo.com, a MAIL host named mail.foo.com, a WEBMAIL host named webmail.foo.com, and an FTP host named ftp.foo.com. (You can customize each host name and IP address in the script.)

Dns.vbs starts by dimensioning variables. Next, as the code at callout A in Listing 1 shows, the script gives you an “opt out” choice with a message box so that you don’t accidentally run the script. The script then instantiates ads.dll, the MSDN conversion utility. After completing this process, the script assigns values (i.e., names and IP addresses) to variables for later use. This part of the script is the only section you need to edit for your needs. The code at callout B contains several sample values and descriptions.

At this point, the script uses the user-defined DNS variables to do calculations, string manipulations, and parsing and converts some of the data to hex format. After the initial calculations are complete, the script connects to AD and creates DNS objects. As the code at callout C shows, the script creates the objects for the DNS zone first. Notice that the script releases COM objects from memory by setting them to Nothing. Because COM components consume large amounts of memory, cleaning up after them is good programming practice.

Next, the script creates the MX record and parent host after performing some complicated computations. Because these two values are saved in the same attribute, the script creates an array and saves the values, as the code at callout D shows.

After creating the MX record and parent host (A) record, the script creates the remaining hosts: WWW, MAIL, and WEBMAIL. The code at callout E shows how the WWW record is created. Finally, if you set FTP to “YES” in the variables section at the beginning of the script, the script creates the FTP host (A) record, as the code at callout F shows.

To run the script, use cscript.exe. From the command line, navigate to the folder in which you placed the dns.vbs script, then type

Cscript dns.vbs

You must log on with domain administrator permissions to run the script. Figure 1 shows dns.vbs running. Notice that appropriate screen I/O appears onscreen to alert the user where the dns.vbs script is in the process of running. The script runs quickly (i.e., in a few seconds), depending on your network configuration.

After the script finishes running, you can check the resulting configurations in DNS. Launch the MMC DNS server snap-in (go to Start, Programs, Administrative Tools, then select DNS). Expand the Forward Lookup Zones folder to see the DNS configuration you’ve automated. Figure 2 shows the resulting DNS configuration of foo.com that the script created using the sample values provided.