How to Get Around Internet Censorship

// November 16th, 2011 // Posted in Linux, OS X, Windows // Tagged as

Introduction

Blocked Sites on My Linux DesktopBlocked Sites on My Desktop

Internet censorship is bad for whatever reason (political, business, etc) and they varies on the level. Some of them completely block the access while some others throttle down the traffic. DISCLAIMER: This journal is looking at censorship purely from the technical point-of-view and for educational purpose only. I won’t be held responsible if you by-pass your university proxy / office proxy or when your country prohibit by-passing. You’re on your own.

There are several types of implementation for censoring internet traffic. Two of the most common are DNS filtering and Packet filtering. DNS filtering is the easiest to implement, it works by blocking traffic to specific internet domain on the DNS level. For example fileserve.com, megaupload.com, etc. Packet filtering is more sophisticated, harder to implement and requires powerful expensive router. It inspects internet traffic data and reject access to those blocked domains.

There is no easy way to get around the Packet filtering. The only way to do that is to use proxies. For now we’re going to discuss the DNS filtering only. Maybe when I have a free extra time I will discuss on how to get around Packet filtering as well.

Fortunately DNS filtering is easy to get around to. You just have to change the DNS settings in your machine and that’s all! There are several alternative for free DNS providers. Two of the most common are Google and OpenDNS. For personal preferences and political perspective some people might prefer OpenDNS over Google DNS. Google free DNS servers are 8.8.8.8 and 8.8.4.4 while OpenDNS free DNS servers are 208.67.222.222 and 208.67.220.220.

In this journal I will show you how to change the DNS settings in Linux, OS X and Windows. These changes are applied per machine basis. If you have a home network then applying the changes on the router level is more make sense. Each home router have different way of configuring it depends on the brand and type. Topics on how to configure home routers is beyond the scope or this journal.

Changing The DNS Settings in Linux

/etc/resolv.confX. /etc/resolv.conf

As I said earlier two of the most common options for free DNS servers are Google and OpenDNS. Google free DNS servers are 8.8.8.8 and 8.8.4.4 while OpenDNS servers are 208.67.222.222 and 208.67.220.220. Where to put those server addresses is largely depends whether you’re on static IP or dynamic IP using DHCP.

In Linux DNS servers are listed in the file /etc/resolv.conf. For machines on static IP it is okay to make changes to the file directly. But if your machine is on DHCP then it will be overwritten every time you boot your machine, or to be precise every time you refresh your DHCP lease.

If you’re on static IP then simply edit /etc/resolv.conf. You can open it in any text-editor you like provided you have the privilege to edit it. For this example I’m going to use nano. From your console type:

pietra@unix$ sudo nano /etc/resolv.conf
/etc/dhcp3/dhclient.confY. dhclient.conf

then add the DNS servers in there (either using Google or OpenDNS). Press Ctrl-O to save then Ctrl-X to quit. That’s all! Take a look at Image X to give you more idea.

If you’re on dynamic IP (DHCP) and you wish to keep the IP address assignment as dynamic but would like to manually define the DNS settings then what you need to do is to override the DHCP by modifying the DHCP client hook script. Where the relevant files are is depends on your Linux distribution. I’m using Linux Mint 9 KDE which is based on Kubuntu/Ubuntu 10.04 LTS and the file is located in /etc/dhcp3/dhclient.conf. As for the Debian distribution the file is located in /etc/dhclient.conf. For other distributions you might want to check with the distro documentation.

Let’s edit the file using nano. From your console type:

pietra@unix$ sudo nano /etc/dhcp3/dhclient.conf

In there what you need to do is to append this following line at the very last line.

supersede domain-name-servers 8.8.8.8, 8.8.4.4;

“supersede” will override the DNS servers from your DHCP. Use 8.8.8.8 and 8.8.4.4 for Google free DNS servers or 208.67.222.222 and 208.67.220.220 for OpenDNS servers. Take a look at Image Y to give you more idea. Press Ctrl-O to save and Ctrl-X to quit. You might need to refresh the DHCP to apply the changes. In Linux Mint, Kubuntu/Ubuntu and Debian this can be done by restarting the “network” service. From your console type:

pietra@unix$ sudo /etc/init.d/networking restart

By restarting the “network” it should refresh the DHCP client service as well. If not then simply manually refresh it by typing:

pietra@unix$ sudo dhclient3

That’s all! We’re done setting up the custom DNS in Linux.

Changing The DNS Settings in OS X

Finder System Preferences1. System Preferences
System Preferences Networks2. Networks
Networks Advanced3. Networks
Add DNS Servers4. Add Servers
Apply DNS Changes5. Apply Changes

Go to the “System Preferences”. You can go there by clicking the Apple logo on the top left of your screen then select “System Preferences” (image 1). Inside it select “Network” (image 2). In there you might notice a couple of DNS servers already assigned by your ISP. Click the “Advanced” button to change it (image 3). Go to the “DNS” tab then click the plus sign button to add new DNS servers (image 4). To use Google free DNS servers add 8.8.8.8 and 8.8.4.4 into it. If you prefer to use OpenDNS then add 208.67.222.222 and 208.67.220.220 instead. Click “OK” button to apply it (image 5). That’s all!

Changing The DNS Settings in Windows

Control Panel Small IconsA. Small Icons
Control Panel Network and Sharing CenterB. Network Center
Network Local Area ConnectionC. Network Interfaces
LAN propertiesD. Network Properties
TCP/IP v4 PropertiesE. TCP/IP Properties
TCP/IP Custom DNS ServersF. Custom DNS

Go to the “Control Panel”. To make sure that we’re on the same page, from the “View By” pulldown menu select the “Small icons” (image A). You will see the “Network and Sharing Center” (image B). Click it to open. In there you will see one or several numbers of network depends on the number of how many network interfaces you have. If you have one network card and one wifi card installed then you will see at least two networks in there. You might need to apply these following steps to each and every one of them. In my case I connect to the Internet from my network card only and it says “Access Type” is “Internet” (image C). Click on it to get more information.

In there click the “Properties” tab (image D). Select the “Internet Protocol Version 4 (TCP/IPv4)” then click the “Properties” (image E). Leave the radio button that says “Obtain an IP address automatically” but do select the button that says “Use the following DNS server addresses” and fill-in the “Preferred DNS server” field as well as the “Alternate DNS server” field (image F). If you prefer to use Google free DNS servers then fill-in 8.8.8.8 in the “Preferred DNS server” and 8.8.4.4 in the “Alternate DNS server”. If you like to use OpenDNS free DNS servers then fill-in 208.67.222.222 and 208.67.220.220 respectively to each field. Click the “OK” button to apply it. That’s all!

Summary

Internet censorship is bad for whatever reason. It violates the very essence of freedom of speech. Fortunately there are ways to get around it and shows how futile censorship is. Regardless whether your Internet is censored or not changing the DNS servers from your ISP to neutral 3rd party is something that I would recommend simply because of several reasons. Sometimes your ISP have DNS outages or sometimes ISP abuse their power and uses data from the DNS to throttle down speed, collect marketing data, etc.

Please share this journal with others:

8 Responses to “How to Get Around Internet Censorship”

  1. ejes says:

    google censors its search results and uses it’s dns servers to feed search… i haven’t witnessed it, but I’ve heard (and it’s likely true) that google ALSO censor’s it’s dns results.

  2. [...] post: How to Get Around Internet Censorship Posted in and, at, by, dns, domain, Easiest, for, ie, in, int, internet, is, it, me, net, of, the, [...]

  3. Thankfully we still have more options for free DNS providers other than Google.
    i use for the hidemyass.com to bypass the censored website
    thaks for you article.

  4. [...] = ''; } Avast Internet Security Free Download – Indeed Its Granted With Cutting Edge FeaturesHow to Get Around Internet Censorship .recentcomments a{display:inline !important;padding:0 !important;margin:0 [...]

  5. fudge says:

    It seems you are suggesting to use filtered dns services to bypass filtered dns. This makes no sense. True, they are less filtered than say, The Great Firewall of China, which uses a combination of DNS filtering and Packet Filtering. The best way would be to set up your own internal DNS server that goes straight to the “Root” servers for queries.

  6. John says:

    This is all well and good but what if you don’t have administrator rights on your machine which a lot of people trying this won’t have..

  7. Alex says:

    Oh, thank you for this post. Our router’s OpenDNS settings were ridiculous. I couldn’t even get to pages on Ubuntu for help installing/fixing drivers. This fixed it all right up!

Leave a Reply