Kali linux настройка dns

Как установить dnscrypt-proxy в Kali Linux

DNS через HTTPS — это протокол, благодаря которому DNS запросы шифруются, что делает невозможным атаку со спуфингом DNS ответов и контроль за тем, какие сайты открывал пользователь.

Программа dnscrypt-proxy — это кеширующий DNS сервер с поддержкой DNS через HTTPS и многих других протоколов безопасного DNS. Программа сама поддерживает список безопасных серверов. Установка и настройка работы с dnscrypt-proxy очень простая. Эта инструкция покажет вам, как пошагово установить dnscrypt-proxy и настроить систему на использование DNS сервера dnscrypt-proxy в результате чего все DNS запросы и ответы будут зашифрованы.

Данная инструкция с минимальными поправками должна также работать и в Linux Mint, Ubuntu и аналогичных. Если у вас данный дистрибутив, то попробуйте этот раздел и если что-то не получится, то пишите ваши ошибки в комментариях.

Установите пакет dnscrypt-proxy:

sudo apt install dnscrypt-proxy

Проверьте, чтобы порт 53 не был занят:

В выводе должна быть всего одна строка, а именно шапка:

Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process

Если вывод содержит более чем одну первую строку с названием столбцов, нужно отключить сервис, который использует порт 53. Одним из частых виновников является systemd-resolved.service (NetworkManager), но другие сетевые менеджеры могут иметь аналогичные компоненты. В общем, какая бы там ни была служба (возможно, вы уже устанавливали другой кэширующий DNS сервер), её нужно остановить и убрать из автозагрузки. Если нет процессов, прослушивающих порт 53, то можно продолжать.

Выполните проверку, чтобы убедиться, что dnscrypt-proxy работает:

/usr/sbin/dnscrypt-proxy -resolve example.com

Запустите службу dnscrypt-proxy и проверьте её статус:

sudo systemctl start dnscrypt-proxy.service systemctl status dnscrypt-proxy.service

Если всё в порядке, добавьте службу в автозагрузку:

sudo systemctl enable dnscrypt-proxy.service

Откройте файл /etc/NetworkManager/NetworkManager.conf:

sudo gedit /etc/NetworkManager/NetworkManager.conf

sudo systemctl restart NetworkManager

Сделайте резервную копию файла /etc/resolv.conf:

sudo cp /etc/resolv.conf /etc/resolv.conf.backup

А затем удалите /etc/resolv.conf (это важно, поскольку это может быть ссылка на файл, а не настоящий файл):

И создайте файл /etc/resolv.conf

nameserver 127.0.2.1 # nameserver ::1 # для IPv6 options edns0 single-request-reopen EDNSPayloadSize 4096

Теперь проверьте систему — откройте сайты, выполните обычные сетевые задачи, чтобы убедиться, что всё работает нормально.

Чтобы посмотреть, какой DNS сервер используется, выполните дважды команду dig:

Как видно на скриншоте, IP адрес DNS сервера 127.0.2.1. Первый запрос занял 160 msec, а второй запрос занял 0 msec, поскольку данные получены из кэша.

Связанные статьи:

Источник

How to configure Kali Linux to use a static IP address

What are advantages of a static IP address usage?

On a local network, a static IP address allows you to use the Web server, SSH, FTP and other network services without having to get to know IP of a system on which these services are running each time. If you do not use these services, then there is no need to configure a static IP.

Читайте также:  Google drive folder linux

A static address for a particular computer or other device can be set in several ways:

  • in the settings of your router, bind the MAC address to the IP address: in different routers the configuration process may be slightly different, but usually these functions are located in the Local network (LAN settings) -> DHCP server -> The list of manually assigned IP addresses bypassing DHCP.
  • setting up a static IP address in Network Manager
  • setting up a static IP address in the command line

Manually assigning IP addresses bypassing DHCP in the router

A static IP address can be configured on the router. The router uses a MAC address to identify devices, so you can save pairs of MAC and IP addresses in the router settings (see also “How to find the MAC address and How to find the manufacturer by MAC address”).

The specific steps for binding the MAC address to the IP address in the router depend on the device model. Therefore, if you have any questions or you can not find the desired setting in your router, then refer to its manuals. In this case, the actions do not depend on the device to which you want to assign a permanent IP address, since all the configuration is performed in the router. Also, after resetting the settings on the device to which the permanent IP address was assigned (for example, when reinstalling the OS on the computer or Factory Reset of the phone), then the binding of the IP address to the device is preserved, since the MAC address is always unchanged.

This method is not suitable for virtual machines, even if a network connection of the Bridge type is used.

What are Address, Netmask, Gateway and DNS server when setting up a static address

Whichever method of setting a static IP address you choose, and in whatever graphical environment you set a static IP address, you will need to enter values for the following fields:

Address is a static IP address that you want to assign to this computer. Typically, home routers have addresses like 192.168.0.* or 192.168.1.*, where instead of an asterisk there is a number from 2 to 254. An IP address ending in one is usually the router itself, and an IP address ending in 255 is broadcast.

Netmask – If you are setting up a home router, then usually the netmask is 255.255.255.0, this same value in another notation is written as “/24”.

Gateway is the IP address of the router. This is usually 192.168.0.1 or 192.168.1.1

DNS is a DNS server, if you do not know what to specify, you can use the following IP addresses as DNS servers: 8.8.8.8 and 8.8.4.4.

Читайте также:  Disk size check in linux

When done, click the Apply button.

By the way, if you are already connected to the local network, to find out the gateway (IP address of the router), run the command:

The following will be displayed:

default via 192.168.0.1 dev eth0 proto dhcp metric 100 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.194 metric 100

After the ‘default via’ line, the IP router will follow, in my case it is 192.168.0.1.

To apply made changes enter:

sudo systemctl restart NetworkManager

Check your current local IP with the command:

Setting up a static IP address in Kali Linux (in Xfce)

Xfce is the default graphical desktop environment in Kali Linux.

Since the computer is already connected to the network and it received network settings (IP address, gateway address, etc.), then to see the current values, run the command:

Pay attention to the line

inet 192.168.1.51/24 brd 192.168.1.255 scope global dynamic noprefixroute eth0

It means that the IP address 192.168.1.51 is assigned to the eth0 network interface, the subnet mask is /24. To find out the gateway address, replace the last digit in the IP address with “1”, that is, in this case, the gateway address is 192.168.1.1.

Suppose I want the computer to be configured to have a static IP address of 192.168.1.101.

Next to the clock, right-click on the network connections icon.

In the context menu that opens, click on “Edit Connections…”.

Select the network for which you want to configure a static IP address and click the gear icon.

In the window that opens, go to the “IPv4 Settings” tab. Select “Manual” for the “Method”. Then click the Add button and enter the values you want.

When everything is ready, click the “Save” button.

Changes will take effect after reconnecting to the network.

make sure that the IP address that was assigned to the computer is actually used:

Configuring a Static IP Address in Network Manager in Kali Linux (GNOME)

GNOME is the default graphical desktop environment in previous versions of Kali Linux. Currently, you can still select GNOME (or any other graphical desktop environment) when installing the OS.

In Linux, a static address in a graphical environment can be set in the Network Manager settings. To do this, click on the arrow in the upper right corner of the screen, in the menu that appears, click on ‘Wired Connected’, and then on ‘Wired Settings’:

A new window will open, in it click on the gear icon:

Another window will open, in which go to the IPv4 tab:

select ‘Manual’:

then enter the desired static IP in the ‘Addresses’ field, it should match your network, for example, if the router (default gateway) has the address 192.168.0.1, then the selected address should be 192.168.0.*, if the router has the address 192.168.1.1, then the selected IP should be of the form 192.168.1.* etc. Next, write down the ‘Netmask’, for most tasks 255.255.255.0 is suitable, also write the ‘Gateway’, which is the IP router, an example:

Читайте также:  Openvpn client autostart linux

If you wish, you can also set the DNS server settings, but this is not mandatory.

Setting up a static IP address in Kali Linux (in Cinnamon)

Cinnamon is a graphical desktop environment that, although not included by default in Kali Linux, is quite popular among users. Optionally, Cinnamon can be installed on Kali Linux.

To configure a static IP address in Cinnamon, click on the network connection icon and select “Network Settings”.

Select the network adapter for which you want to configure, then select the network and click the gear icon next to it.

Select the “IPv4” tab, switch “Addresses” to “Manual”, enter the information you need and click the “Apply” button.

Changes will take effect after reconnecting to the network.

Configuring a Static IP Address in the Kali Linux Command Line

If for some reason you do not use Network Manager (for example, if you use Linux without a desktop graphical environment), you can configure a static IP address on the command line.

To do this, open the /etc/network/interfaces file with any text editor:

sudo vim /etc/network/interfaces

Only four lines should be added to this file. Example strings:

auto eth0 iface eth0 inet static address 192.168.0.100/24 gateway 192.168.0.1

Let us examine them in more detail. eth0 is the name of the network interface. If there is only one network card, then in Debian (i.e., in Kali Linux too), this interface is called eth0. The second network interface is named eth1, etc.

If you are not sure, you can find the name of the wired network interface with the command:

In the second line, you need to use the same interface name (eth0).

Further in the third line, 192.168.0.100 is the IP that we want our system to always have. And /24 is an alternative way to set netmask. These characters correspond to 255.255.255.0.

As you might guess, in the last, fourth line, 192.168.0.1 means a gateway.

All these data need to be changed to fit your needs.

For the changes to take effect, issue the command:

sudo systemctl restart networking.service

As you can see, the interface is really assigned the required IP and now it will be saved after each reboot.

However, there is currently no Internet connection, because we have not configured DNS. These settings are made in the /etc/resolv.conf file. If you already have Network Manager installed, then instead of /etc/resolv.conf there is a link to /run/NetworkManager/resolv.conf

Open /etc/resolv.conf with any text editor:

Finally, now you can check:

On Kali Linux, the made changes do not disappear after the download. If they disappear, the file /etc/resolv.conf can be protected from writing:

sudo chattr +i /etc/resolv.conf

Источник

Оцените статью
Adblock
detector