How to Get Around Internet Censorship
Internet censorship is bad for whatever reason (political, business, etc) and they varies on the level. Some of them completely block the access while some others throttle down the traffic. DISCLAIMER: This journal is looking at censorship purely from the technical point-of-view and for educational purpose only. I won’t be held responsible if you by-pass your university proxy / office proxy or when your country prohibit by-passing. You’re on your own.
There are several types of implementation for censoring internet traffic. Two of the most common are DNS filtering and Packet filtering. DNS filtering is the easiest to implement, it works by blocking traffic to specific internet domain on the DNS level. For example fileserve.com, megaupload.com, etc. Packet filtering is more sophisticated, harder to implement and requires powerful expensive router. It inspects internet traffic data and reject access to those blocked domains.
There is no easy way to get around the Packet filtering. The only way to do that is to use proxies. For now we’re going to discuss the DNS filtering only. Maybe when I have a free extra time I will discuss on how to get around Packet filtering as well.
Fortunately DNS filtering is easy to get around to. You just have to change the DNS settings in your machine and that’s all! There are several alternative for free DNS providers. Two of the most common are Google and OpenDNS. For personal preferences and political perspective some people might prefer OpenDNS over Google DNS. Google free DNS servers are 188.8.131.52 and 184.108.40.206 while OpenDNS free DNS servers are 220.127.116.11 and 18.104.22.168.
In this journal I will show you how to change the DNS settings in Linux, OS X and Windows. These changes are applied per machine basis. If you have a home network then applying the changes on the router level is more make sense. Each home router have different way of configuring it depends on the brand and type. Topics on how to configure home routers is beyond the scope or this journal.
Changing The DNS Settings in Linux
As I said earlier two of the most common options for free DNS servers are Google and OpenDNS. Google free DNS servers are 22.214.171.124 and 126.96.36.199 while OpenDNS servers are 188.8.131.52 and 184.108.40.206. Where to put those server addresses is largely depends whether you’re on static IP or dynamic IP using DHCP.
In Linux DNS servers are listed in the file /etc/resolv.conf. For machines on static IP it is okay to make changes to the file directly. But if your machine is on DHCP then it will be overwritten every time you boot your machine, or to be precise every time you refresh your DHCP lease.
If you’re on static IP then simply edit /etc/resolv.conf. You can open it in any text-editor you like provided you have the privilege to edit it. For this example I’m going to use nano. From your console type:
pietra@unix$ sudo nano /etc/resolv.conf
then add the DNS servers in there (either using Google or OpenDNS). Press Ctrl-O to save then Ctrl-X to quit. That’s all! Take a look at Image X to give you more idea.
If you’re on dynamic IP (DHCP) and you wish to keep the IP address assignment as dynamic but would like to manually define the DNS settings then what you need to do is to override the DHCP by modifying the DHCP client hook script. Where the relevant files are is depends on your Linux distribution. I’m using Linux Mint 9 KDE which is based on Kubuntu/Ubuntu 10.04 LTS and the file is located in /etc/dhcp3/dhclient.conf. As for the Debian distribution the file is located in /etc/dhclient.conf. For other distributions you might want to check with the distro documentation.
Let’s edit the file using nano. From your console type:
pietra@unix$ sudo nano /etc/dhcp3/dhclient.conf
In there what you need to do is to append this following line at the very last line.
supersede domain-name-servers 220.127.116.11, 18.104.22.168;
“supersede” will override the DNS servers from your DHCP. Use 22.214.171.124 and 126.96.36.199 for Google free DNS servers or 188.8.131.52 and 184.108.40.206 for OpenDNS servers. Take a look at Image Y to give you more idea. Press Ctrl-O to save and Ctrl-X to quit. You might need to refresh the DHCP to apply the changes. In Linux Mint, Kubuntu/Ubuntu and Debian this can be done by restarting the “network” service. From your console type:
pietra@unix$ sudo /etc/init.d/networking restart
By restarting the “network” it should refresh the DHCP client service as well. If not then simply manually refresh it by typing:
pietra@unix$ sudo dhclient3
That’s all! We’re done setting up the custom DNS in Linux.
Changing The DNS Settings in OS X
Go to the “System Preferences”. You can go there by clicking the Apple logo on the top left of your screen then select “System Preferences” (image 1). Inside it select “Network” (image 2). In there you might notice a couple of DNS servers already assigned by your ISP. Click the “Advanced” button to change it (image 3). Go to the “DNS” tab then click the plus sign button to add new DNS servers (image 4). To use Google free DNS servers add 220.127.116.11 and 18.104.22.168 into it. If you prefer to use OpenDNS then add 22.214.171.124 and 126.96.36.199 instead. Click “OK” button to apply it (image 5). That’s all!
Changing The DNS Settings in Windows
Go to the “Control Panel”. To make sure that we’re on the same page, from the “View By” pulldown menu select the “Small icons” (image A). You will see the “Network and Sharing Center” (image B). Click it to open. In there you will see one or several numbers of network depends on the number of how many network interfaces you have. If you have one network card and one wifi card installed then you will see at least two networks in there. You might need to apply these following steps to each and every one of them. In my case I connect to the Internet from my network card only and it says “Access Type” is “Internet” (image C). Click on it to get more information.
In there click the “Properties” tab (image D). Select the “Internet Protocol Version 4 (TCP/IPv4)” then click the “Properties” (image E). Leave the radio button that says “Obtain an IP address automatically” but do select the button that says “Use the following DNS server addresses” and fill-in the “Preferred DNS server” field as well as the “Alternate DNS server” field (image F). If you prefer to use Google free DNS servers then fill-in 188.8.131.52 in the “Preferred DNS server” and 184.108.40.206 in the “Alternate DNS server”. If you like to use OpenDNS free DNS servers then fill-in 220.127.116.11 and 18.104.22.168 respectively to each field. Click the “OK” button to apply it. That’s all!
Internet censorship is bad for whatever reason. It violates the very essence of freedom of speech. Fortunately there are ways to get around it and shows how futile censorship is. Regardless whether your Internet is censored or not changing the DNS servers from your ISP to neutral 3rd party is something that I would recommend simply because of several reasons. Sometimes your ISP have DNS outages or sometimes ISP abuse their power and uses data from the DNS to throttle down speed, collect marketing data, etc.