Author Topic: How to access TSP Forum if DNS is knocked out  (Read 7367 times)

Online Mr. Bill

  • Like a hot cocoa mojito
  • Administrator
  • Forum Veteran
  • *******
  • Posts: 13192
  • Karma: 1804
  • Trained Attack Sheepdog/Troll hunter
    • Website maintenance services by Mr. Bill
How to access TSP Forum if DNS is knocked out
« on: October 22, 2016, 06:38:09 PM »
The US recently experienced an attack on the Internet's DNS system.  DNS translates URLs (like thesurvivalpodcast.com) into IP addresses.

Currently (and for the foreseeable future), the IP address of thesurvivalpodcast.com is 206.190.141.186

Unfortunately you can't just plug that in as a URL because the forum will break.  Instead, you will need to add it to your hosts file.

The hosts file will generally be located here:
  • Windows: C:\Windows\System32\drivers\etc\hosts
  • Mac OS X 10.2 or later: /private/etc/hosts
  • Linux: /etc/hosts

You will need administrator or root privileges to edit this file.

You can modify it right now, if you want, but it'll break if we ever change our IP address.  I have it like this in my hosts file, commented-out with "#" at the beginning of each line.  In an emergency I can just delete the "#":

Code: [Select]
# Survival Podcast:
#206.190.141.186    thesurvivalpodcast.com    www.thesurvivalpodcast.com
#206.190.141.187    survivalpodcast.net       www.survivalpodcast.net

Offline mountainmoma

  • Survival Demonstrator
  • *******
  • Posts: 3639
  • Karma: 140
  • suburban homesteader
Re: How to access TSP Forum if DNS is knocked out
« Reply #1 on: October 22, 2016, 09:27:34 PM »
The US recently experienced an attack on the Internet's DNS system.  DNS translates URLs (like thesurvivalpodcast.com) into IP addresses.

Currently (and for the foreseeable future), the IP address of thesurvivalpodcast.com is 206.190.141.186

Unfortunately you can't just plug that in as a URL because the forum will break.  Instead, you will need to add it to your hosts file.

The hosts file will generally be located here:
  • Windows: C:\Windows\System32\drivers\etc\hosts
  • Mac OS X 10.2 or later: /private/etc/hosts
  • Linux: /etc/hosts

You will need administrator or root privileges to edit this file.

You can modify it right now, if you want, but it'll break if we ever change our IP address.  I have it like this in my hosts file, commented-out with "#" at the beginning of each line.  In an emergency I can just delete the "#":

Code: [Select]
# Survival Podcast:
#206.190.141.186    thesurvivalpodcast.com    www.thesurvivalpodcast.com
#206.190.141.187    survivalpodcast.net       www.survivalpodcast.net

Ok, so, we have done this ahead, or have just written down the IP address somewhere, and for some reason we need to use this info and want to access getting here. Now, what ? We have this in the host area. Ok, so how does that get us here ? Is this little file a look up table, and so you type in Survival Podcast into the browser and it then checks this file and goes to this IP address ?  And, if it isnt too complicated to explain, why can't the IP address just directly be typed in the search engine ?
Accomplished tea drinker and baby goat watcher

Offline DWSDVSE

  • Survivor
  • ***
  • Posts: 180
  • Karma: 7
  • V R S N S M V
Re: How to access TSP Forum if DNS is knocked out
« Reply #2 on: October 23, 2016, 10:07:39 AM »
Ok, so, we have done this ahead, or have just written down the IP address somewhere, and for some reason we need to use this info and want to access getting here. Now, what ? We have this in the host area. Ok, so how does that get us here ? Is this little file a look up table, and so you type in Survival Podcast into the browser and it then checks this file and goes to this IP address ? 

If things get screwy and you suspect or know it's a DNS issue, you can just remove the # in front of the lines and your browser will start using the file rather than what it finds via its regular sources (or no sources if DNS is down).

Once it's set in the hosts file, you can run like normal in your browser. It's all behind the scenes stuff.

You can also use host files to block problem domains as well. It's not perfect, but it works somewhat on things like keeping fake links to www.paypal.oogabooga from being passed off as paypal.com. You'd put www.paypal.oogabooga  to direct to 127.0.0.1, which will just send it back to you and give a 404 file not found error or whatever your browser says rather than passing it through to the fake paypal site.


Quote
And, if it isnt too complicated to explain, why can't the IP address just directly be typed in the search engine ?


You can, but in theory the search engine might be down, too. Searching Google for 206.190.141.186 gives TSP as the first result for me.
01 25 14 03 12   12 21 14 02 17   14 12 04 22 26 


nkawtg

  • Guest
Re: How to access TSP Forum if DNS is knocked out
« Reply #3 on: October 23, 2016, 11:24:52 AM »
Done
Thanks Mr. Bill

Offline Hurricane

  • Survivalist Mentor
  • *****
  • Posts: 507
  • Karma: 15
Re: How to access TSP Forum if DNS is knocked out
« Reply #4 on: October 23, 2016, 12:59:15 PM »
Does this work for the secure ( https ) version?
Even as men wrecked upon a sand, that look to be
washed off the next tide.

Online Mr. Bill

  • Like a hot cocoa mojito
  • Administrator
  • Forum Veteran
  • *******
  • Posts: 13192
  • Karma: 1804
  • Trained Attack Sheepdog/Troll hunter
    • Website maintenance services by Mr. Bill
Re: How to access TSP Forum if DNS is knocked out
« Reply #5 on: October 23, 2016, 06:05:57 PM »
...Is this little file a look up table, and so you type in Survival Podcast into the browser and it then checks this file and goes to this IP address ?

Yup, exactly.  Your computer always checks the hosts file first, and any domains not found there will be sent out for DNS lookup.  This is an ancient feature from the early days of the Internet.

... And, if it isnt too complicated to explain, why can't the IP address just directly be typed in the search engine ?

Because the first page you load has links to other files on the site (images, icons, CSS files, not to mention the links to threads, posts, etc).  The browser will try to get those from thesurvivalpodcast.com rather than from 206.190.141.186, and (if DNS is broken) it'll fail.

Does this work for the secure ( https ) version?

Ummm.... I should try that. 8)

Offline Hurricane

  • Survivalist Mentor
  • *****
  • Posts: 507
  • Karma: 15
Re: How to access TSP Forum if DNS is knocked out
« Reply #6 on: October 25, 2016, 04:42:41 PM »
I rarely go to the main podcast page. Usually I come straight to the (https) forum. In a DNS attack, will the links from the podcast page still work, or do we need a different IP for the forum page?

Thanks!
Even as men wrecked upon a sand, that look to be
washed off the next tide.

Offline archer

  • Administrator
  • Reporter for the CNN
  • *******
  • Posts: 16733
  • Karma: 369
  • #ImissAmerica
    • Journey to Greener Pastures
Re: How to access TSP Forum if DNS is knocked out
« Reply #7 on: October 25, 2016, 05:28:25 PM »
I rarely go to the main podcast page. Usually I come straight to the (https) forum. In a DNS attack, will the links from the podcast page still work, or do we need a different IP for the forum page?

Thanks!
The ip is the same for the main page and the forum pages.


From a friend: Benjamin Franklin once said that beer is proof that God loves us.
I'm of the opinion that Redheads are proof that, contrary to popular belief, Satan also loves us.
My small blog: http://journeytogreenerpastures.blogspot.com/

Offline archer

  • Administrator
  • Reporter for the CNN
  • *******
  • Posts: 16733
  • Karma: 369
  • #ImissAmerica
    • Journey to Greener Pastures
Re: How to access TSP Forum if DNS is knocked out
« Reply #8 on: October 25, 2016, 05:29:18 PM »
Does this work for the secure ( https ) version?

good question. technically no since the cert is tied to the domain name, not the IP,  but i've not tried it. guess I'll test it tonight.


From a friend: Benjamin Franklin once said that beer is proof that God loves us.
I'm of the opinion that Redheads are proof that, contrary to popular belief, Satan also loves us.
My small blog: http://journeytogreenerpastures.blogspot.com/

Offline archer

  • Administrator
  • Reporter for the CNN
  • *******
  • Posts: 16733
  • Karma: 369
  • #ImissAmerica
    • Journey to Greener Pastures
Re: How to access TSP Forum if DNS is knocked out
« Reply #9 on: October 25, 2016, 08:23:39 PM »
good question. technically no since the cert is tied to the domain name, not the IP,  but i've not tried it. guess I'll test it tonight.

so it works with setting the IP in the hosts file.

and if you go to the IP with https on the forum it works, but will complain (https://206.190.141.186/forum/index.php?topic=59026.new#new)


From a friend: Benjamin Franklin once said that beer is proof that God loves us.
I'm of the opinion that Redheads are proof that, contrary to popular belief, Satan also loves us.
My small blog: http://journeytogreenerpastures.blogspot.com/

Offline archer

  • Administrator
  • Reporter for the CNN
  • *******
  • Posts: 16733
  • Karma: 369
  • #ImissAmerica
    • Journey to Greener Pastures
Re: How to access TSP Forum if DNS is knocked out
« Reply #10 on: October 25, 2016, 08:24:19 PM »
So yes, using the hosts trick or ip address trick will work with https. you'll just get complaints.


From a friend: Benjamin Franklin once said that beer is proof that God loves us.
I'm of the opinion that Redheads are proof that, contrary to popular belief, Satan also loves us.
My small blog: http://journeytogreenerpastures.blogspot.com/

Offline Hurricane

  • Survivalist Mentor
  • *****
  • Posts: 507
  • Karma: 15
Re: How to access TSP Forum if DNS is knocked out
« Reply #11 on: October 26, 2016, 03:05:40 PM »
Confusing, but thanks!
Even as men wrecked upon a sand, that look to be
washed off the next tide.

Offline I.L.W.

  • Dedicated Contributor
  • ******
  • Posts: 1006
  • Karma: 202
Re: How to access TSP Forum if DNS is knocked out
« Reply #12 on: October 28, 2016, 12:11:45 AM »
Maybe this will make it easier:

Windows 10 Users:
Right-click the Start Menu, select "Command Prompt (Admin)"
Click "OK"
If prompted, click "yes" to allow it to run.

Other versions of Windows:
Press [CRTL] + [Shift] + [Esc] to open the Task Manager
Go To "File" and "Create New Task" or "Run" (depending on your version)
Type "CMD" into the run box and check the box to start it as administrator. Click "OK" or "Run"


Paste the following into the command prompt and press [Enter]
Code: [Select]
echo 206.190.141.186    thesurvivalpodcast.com    www.thesurvivalpodcast.com >> %windir%\system32\drivers\etc\hosts
And again with this one:

Code: [Select]
echo 206.190.141.187    survivalpodcast.net       www.survivalpodcast.net >> %windir%\system32\drivers\etc\hosts

Next consider diversifying your DNS providers, such that if one is shut down, you have a fall-back DNS server in a different geographic location. It's not just protection from hackers. If a hurricane hits a server farm, it won't hit on opposite ends of the country simultaneously. If it does, you've got bigger problems than poor connectivity ;)

I like Google DNS as my primary, and OpenDNS as my secondary. These are open to the public, robust, distributed servers (not one central location), and they don't censor anything by omitting DNS records.

This can be changed in the command prompt as well.

Code: [Select]
wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("8.8.4.4","208.67.220.220")
The likelihood of both of these getting DDOSed (attacked) at the same time is low. Additionally, the above code uses their backup DNS servers, which are unlikely to be a primary target.

For advanced users only:


https://dnscrypt.org/

A major source of security breaches and identity theft stems from "DNS leaks". As Archer pointed out, HTTPS works on he domain level. No connection between you and a DNS server is inherently secure. This means anyone can see what sites you go to, even if they can't tell what you do once you're there. Even Tor is susceptible to DNS leaks as they occur before primary routing of the secure traffic. This program encrypts your DNS requests, and will connect you to private DNS servers which support encryption. These private DNS servers, while admittedly less reliable and not as frequently updated are virtually guaranteed not to be the subject of mass denial of service attacks. Nobody's shutting down the guy with 1,000 users, they're going after big targets with millions of users. Even if they did target the little guy, the odds of them attacking the specific small server you're on are pretty remote.

A word of warning: Don't piss off your IT department at work using these techniques on a work PC. It can brake access to network resources in some corporate environments. This is for home PCs only.

Other things

Bookmark this page:
http://www.isitdownrightnow.com/thesurvivalpodcast.com.html

That will tell you if the TSP servers are down, or if the connection problem is on your end or with your ISP's ability to reach the TSP servers.

As long as you're mucking about in your hosts file, you can add the entries from the following site:
http://someonewhocares.org/hosts/

These are known scam sites, and creating a redirect to localhost (127.0.0.1) prevents your browser from going to them. A little bonus for online security if you're editing hosts anyway.
A good government may, indeed, redress the grievances of an injured people; but a strong people can alone build up a great nation. - Thomas Francis Meagher