Domains Seized by Department of Homeland Security

Sun, Nov 28, 2010

Today the internet has been raging over the American government’s recent seizure of a number of domains containing possible copyright infringing content and counterfeit goods.

Now, I’m not arguing that selling counterfeit goods should be allowed. The recent seizure however, where neither the claimed offenders, nor their domain registrars have been notified, represents a way of conducting law enforcement that just doesn’t belong in a modern society.

The seizure have been done through ICANN, the organization responsible for maintaining top-level domains and root DNS servers. Since ICANN is responsible for all the major top-level domains, there is no reason not to expect this happening again in the future. Likely targets are of course the popular download sites around. However, more worryingly is the fact that this opens for the possibility to seize other “problematic” domains such as whistle-blowing Wikileaks. (Hey, no reason secretly graded documents aren’t copyrighted, so the same reasons could be used here).

There are of course a number of ways to circumvent this, as currently the only thing being seized is the domain names, and not the servers’ internet access or IP addresses:

I’ve seen tips in comment fields here and there to just use the site’s IP address instead of it’s domain name. This is problematic however as many servers are serving up multiple sites using virtual hosts. This means that for the server to know which of the sites you want to access, you need to supply it with a name for that site. This is done by your browser when you go to an address, as it passess along the original name you supplied in the location bar in an HTTP header. What you can do however, is override how your computer resolves a given domain name to it’s IP address by manually adding an entry in your hosts file or setting up a local DNS server to propagate your changes to your entire local network.

Editing your hosts file

This file can be found at different places in different operating systems:

Linux: /etc/hosts Windows: system32\drivers\etc\hosts MacOS: /private/etc/hosts

This file can be edited with a normal text editor such as notepad or gedit. To point a domain to a specific IP address just add a line containing the IP address and domain name separated by whitespace. E.g.:

91.194.60.32 wikileaks.org

Now your computer will not be affected by any changes done to the DNS system for this domain.

DNSMasq

There are also a number of alternative DNS services around, or you can set up your own DNS server for your local network where you supply some addresses you don’t want to change, and forward the rest to higher level DNS servers. A simple and easy way to do this on a Linux system is through dnsmasq.

Dnsmasq can be installed on a Debian or Ubuntu system using by fetching the dnsmasq package (aptitude install dnsmasq). Dnsmasq automatically uses your system’s default dns settings from /etc/resolv.conf. You can add specific entries yourself by adding a line such as

address=/wikileaks.org/91.194.60.32

to your /etc/dnsmasq.conf file. (You probably have to restart dnsmasq after changing the file, so do a service restart dnsmasq or similar, depending on your system)

Now just set up your local computers to use the server running dnsmasq as DNS server and you should be good to go.