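How to tell whether the DNS server you are using has been hijacked. The simplest test: use nslookup to query a domain name that does not exist. If an IP address comes back, and opening that IP in a browser shows an advertising page, the DNS server has been hijacked. If it returns "** server can't find wwwsfsefse.com: NXDOMAIN", it has not been hijacked.
Example:
A DNS server that has not been hijacked:
[root@mail ~]# nslookup serwr3rsf.com 61.235.70.98
Server: 61.235.70.98
Address: 61.235.70.98#53
** server can't find serwr3rsf.com: NXDOMAIN
A DNS server that has been hijacked:
# nslookup sfsef333sf.com 202.96.128.86
Server: 202.96.128.86
Address: 202.96.128.86#53
Non-authoritative answer:
Name: sfsef333sf.com
Address: 61.140.3.66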
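The check described above can be scripted. The following is an added example, not part of the original post: it probes a resolver with random names under .com (assumed unregistered, like the hand-typed names above) and classifies the nslookup output. The function names and the script name are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): automate the NXDOMAIN test.

# Build a random 20-character label under .com. Assumption: such a name is
# unregistered, like the hand-typed names in the post.
random_name() {
    local label
    label=$(head -c 2048 /dev/urandom | LC_ALL=C tr -dc 'a-z0-9' | cut -c1-20)
    echo "${label}.com"
}

# Read nslookup output for a nonexistent name on stdin and print a verdict:
#   clean          resolver answered NXDOMAIN
#   hijacked <ip>  resolver returned an address for a name that does not exist
#   inconclusive   timeout, SERVFAIL, REFUSED or anything else
classify_nslookup() {
    local out answer
    out=$(cat)
    if printf '%s\n' "$out" | grep -q 'NXDOMAIN'; then
        echo clean
        return 0
    fi
    # The resolver's own "Address:" line comes before any "Name:" line, so
    # only an Address that follows a Name belongs to the answer section.
    answer=$(printf '%s\n' "$out" |
        awk '/^Name:/ {seen = 1; next} seen && /^Address/ {print $2; exit}')
    if [ -n "$answer" ]; then
        echo "hijacked $answer"
    else
        echo inconclusive
    fi
}

# Probe a resolver several times; one forged answer is enough to flag it.
check_resolver() {
    local server=$1 tries=${2:-3} i=0 name verdict
    while [ "$i" -lt "$tries" ]; do
        name=$(random_name)
        verdict=$(nslookup "$name" "$server" 2>&1 | classify_nslookup)
        case $verdict in
            clean) ;;
            *) echo "$server: $name -> $verdict"; return 1 ;;
        esac
        i=$((i + 1))
    done
    echo "$server: clean ($tries nonexistent names returned NXDOMAIN)"
}

# Usage: ./dnscheck.sh 202.96.128.86   (no arguments: define functions only)
if [ $# -gt 0 ]; then check_resolver "$@"; fi
```

An "inconclusive" verdict means the resolver could not be reached or refused the query, so it says nothing about hijacking either way.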
[root@localhost ~]# yum install caching-nameserver
[root@localhost ~]# chkconfig named on
[root@localhost ~]# service named start
Starting named: [ OK ]
Edit /etc/resolv.conf and change its contents to the following:
nameserver 127.0.0.1
Test:
[root@localhost ~]# nslookup www.google.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
www.google.com canonical name = www.l.google.com.
Name: www.l.google.com
Address: 64.233.189.99
Name: www.l.google.com
Address: 64.233.189.103
Name: www.l.google.com
Address: 64.233.189.104
Name: www.l.google.com
Address: 64.233.189.147
[root@localhost ~]# nslookup sefsf2sfef.com
Server: 127.0.0.1
Address: 127.0.0.1#53
** server can't find sefsf2sfef.com: NXDOMAIN
The test succeeded!