M. Niyazi Alpay
M. Niyazi Alpay
M. Niyazi Alpay

I've been interested in computer systems since a very young age, and I've been programming since 2005. I have knowledge in PHP, MySQL, Python, MongoDB, and Linux.

 

about.me/Cryptograph

  • admin@niyazi.org

Google DNS Analogy from Internet Service Providers

Google DNS Analogy from Internet Service Providers

Hello, I haven't been able to manage my blog for a long time due to my busy schedule.

As you know, there has been a filtering effort on the internet in our country, and YouTube was blocked, as well as Twitter, but the ban was lifted.

Many of us can access desired sites by changing DNS settings, using proxy, or VPN.

A lot of people who didn't know what DNS, proxy, or VPN are have learned about them with the blocking of Twitter.

To make it more understandable, let's briefly explain each of them.

What is DNS?

When we access the internet from our computers, our web browser first checks the host file on our computer to find the IP address of the site we want to connect to. If it cannot find the site there, it goes to the Domain Name Server (DNS) and asks there. The DNS provides the IP address, and we are directed to the site.

Blocking by DNS is done by redirecting the IP addresses of the sites from your internet service provider's DNS to a different location. Changing the DNS allows us to access blocked sites.

What is a Proxy?

A proxy allows us to access the internet through another machine. In other words, we access the desired sites through a proxy server over the internet. There are different types of proxies. Some hide our real IP address, while others only serve as intermediaries for accessing blocked sites.

What is VPN?

In VPN, the situation is almost the same as with a proxy, but the difference is that the connection is entirely made through the VPN server physically. Every computer connected to the VPN server gets a private local IP address (like 192.168.2.75, 192.168.2.76). Our real IP address is hidden. With a VPN abroad, you can access any blocked sites you want.

Now, let's talk about Google DNS. Those who use Google DNS are not actually using Google DNS because when we check the connection to the 8.8.8.8 IP address, which should lead to Google, it ends up in Ankara.

Google DNS Spoof

Similarly, OpenDNS 208.67.222.222 stays in the same place when checked.

When I checked Google DNS from a server abroad, the connection goes directly to the Google server.

Google DNS Spoof

So, the DNS IPs we use in our country, which we think are used, are directed to Ankara and every action we take on the internet is monitored.

When I checked the Comodo DNS IP address, it reaches the Comodo servers from my computer.

Google DNS Spoof

As seen, the DNS IPs we use, which are provided by our internet service providers, are spoofed to look like Google DNS or OpenDNS. This situation is a type of attack usually made by cybercriminals against internet users in public networks, but the spoofing process performed by internet service providers is done as a way of tracking what we do on the internet more easily and controlling who goes where. Therefore, we need to be a little more careful while browsing the internet.

Muhammed Niyazi ALPAY - Cryptograph

Senior Software Developer & Senior Linux System Administrator

Meraklı

PHP MySQL MongoDB Python Linux Cyber Security

You may also want to read these

There are none comment

Leave a comment

Your email address will not be published. Required fields are marked *