-
Notifications
You must be signed in to change notification settings - Fork 36
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revert DNS Settings #166
Merged
Merged
Revert DNS Settings #166
Changes from 4 commits
Commits
Show all changes
9 commits
Select commit
Hold shift + click to select a range
0b01218
Revert DNS Settings
Tomat0r 81cbb8b
Updated header
Tomat0r 1ee739d
updated header v2
Tomat0r 44a8bac
added disk-encryption.md
Tomat0r 3c25ebc
Update dns.md
TheKrol 83c5517
Merge pull request #1 from TheKrol/patch-1
Tomat0r 7c89303
PR Fixes (#2)
K97i 7a7ba53
Merge branch 'r-Techsupport:master' into master
Tomat0r ee842d2
added flushdns
Tomat0r File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| --- | ||
| layout: default | ||
| title: "Domain Name System" | ||
| nav_exclude: false | ||
| has_children: false | ||
| parent: Networking | ||
| has_toc: true | ||
| search_exclude: false | ||
| last_modified_date: 2023-02-03 | ||
| --- | ||
| # Understanding DNS and How to Revert to Standard DNS Providers | ||
|
|
||
| ## What is DNS? | ||
|
|
||
| DNS, or the Domain Name System, is the system that translates human-readable domain names (e.g. www.google.com) into machine-readable IP addresses (e.g. 216.58.194.174). It acts as a sort of phonebook for the internet, allowing users to access websites and other online resources using easy-to-remember names instead of difficult-to-remember numerical addresses. | ||
|
|
||
| ## List of DNS Providers | ||
|
|
||
| ### You can use any of these depending on your Personal Preference. | ||
|
|
||
| * Google Public DNS: 8.8.8.8 and 8.8.4.4 | ||
| * Cloudflare: 1.1.1.1 and 1.0.0.1 | ||
| * OpenDNS: 208.67.222.222 and 208.67.220.220 | ||
| * Quad9: 9.9.9.9 and 149.112.112.112 | ||
|
|
||
| ## How to Revert to Standard DNS Providers | ||
|
|
||
| The process of reverting to a standard DNS provider varies depending on the operating system you are using. Here are the steps for some common operating systems: | ||
|
|
||
|
|
||
| ### Windows | ||
|
|
||
| 1. Click the Start button and type "Control Panel" in the search bar. | ||
| 2. Click "Network and Sharing Center." | ||
| 3. Click "Change adapter settings." | ||
| 4. Right-click the network connection you want to change and select "Properties." | ||
| 5. Select "Internet Protocol Version 4 (TCP/IPv4)" and click "Properties." | ||
| 6. Select "Use the following DNS server addresses" and enter the preferred DNS server addresses for the provider you want to use (e.g. Google's DNS servers are 8.8.8.8 and 8.8.4.4, Cloudflare's are 1.1.1.1 and 1.0.0.1, and OpenDNS's are 208.67.222.222 and 208.67.220.220). | ||
| 7. Click OK to save the changes. | ||
|
|
||
| ### MacOS | ||
|
|
||
| 1. Click the Apple menu and select "System Preferences." | ||
| 2. Click "Network." | ||
| 3. Select the network connection you want to change and click "Advanced." | ||
| 4. Click the "DNS" tab. | ||
| 5. Click the "+" button to add a new DNS server address and enter the preferred DNS server addresses for the provider you want to use (e.g. Google's DNS servers are 8.8.8.8 and 8.8.4.4, Cloudflare's are 1.1.1.1 and 1.0.0.1, and OpenDNS's are 208.67.222.222 and 208.67.220.220). | ||
| 6. Click OK to save the changes. | ||
|
|
||
| ### Linux | ||
|
|
||
| The specific steps to change the DNS server in Linux depend on the distribution you are using. For most distributions, you can change the DNS server by editing the `/etc/resolv.conf` file and adding the preferred DNS server addresses for the provider you want to use (e.g. Google's DNS servers are 8.8.8.8 and 8.8.4.4, Cloudflare's are 1.1.1.1 and 1.0.0.1, and OpenDNS's are 208.67.222.222 and 208.67.220.220). | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,239 @@ | ||
| --- | ||
| layout: default | ||
| title: Disk Encryption | ||
| nav_exclude: false | ||
| nav_order: false | ||
| has_children: false | ||
| parent: safety-security | ||
| search_exclude: false | ||
| last_modified_date: 2023-02-03 | ||
| --- | ||
|
|
||
| # Disk Encryption | ||
|
|
||
| {: .no_toc} | ||
|
|
||
| {% include toc.md %} | ||
|
|
||
| # Disk Encryption | ||
|
|
||
| # Introduction | ||
|
|
||
| Disk encryption is the process of converting plain text data into unreadable code, using mathematical algorithms, to secure sensitive information stored on a computer's hard drive. The encryption process protects data by making it unreadable to unauthorized users, even if they have physical access to the computer's disk. | ||
|
|
||
| ## Uses of Disk Encryption | ||
|
|
||
| * Protecting sensitive personal and financial information, such as passwords, social security numbers, and credit card numbers. | ||
| * Securing confidential business data, such as trade secrets, customer information, and financial records. | ||
| * Complying with legal and regulatory requirements, such as the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA). | ||
| * Preventing data theft, such as through theft of laptops or external hard drives. | ||
|
|
||
| ## General Things Necessary for Secure Disk Encryption | ||
|
|
||
| * Backups: Regularly backing up encrypted data is important in case of disk failure or Corruption. | ||
| * Secure Passwords: The strength of disk encryption depends on the strength of the password used to encrypt the data. It is important to choose strong, unique passwords | ||
| * Storing Passwords Safely: Passwords should be stored in a secure location, such as a password manager or a physically secure location, to prevent unauthorized access. | ||
| * Usage of a Secure Algorithm: If the Method used for Encryption is weak or has known Vulnerabilities it should not be used. | ||
|
|
||
| ## Setting Up Full Disk Encryption on Windows using BitLocker | ||
|
|
||
| BitLocker is a built-in disk encryption feature in Windows that provides full disk encryption for the operating system drive, as well as additional data drives. Here's how to set up BitLocker on Windows: | ||
|
|
||
| 1. Go to Control Panel and select System and Security. | ||
| 2. Select BitLocker Drive Encryption. | ||
| 3. Select the drive that you want to encrypt and click on "Turn on BitLocker." | ||
| 4. Choose how you want to unlock your drive at startup, such as with a password or smart card. | ||
| 5. Choose how you want to back up your recovery key, such as saving it to a USB drive or printing it. | ||
| 6. Choose the encryption method and encryption settings, such as the encryption algorithm and the encryption key size. | ||
| 7. Start the encryption process and wait for it to complete. This process may take several hours, depending on the size of the drive. | ||
|
|
||
| BitLocker is designed to lock down in the event of hardware or firmware changes, to prevent unauthorized access to the encrypted data. However, there may be times when hardware or firmware changes are necessary, such as during routine maintenance or upgrades. In these cases, BitLocker can be put into maintenance mode, allowing the changes to be made and then resumed. | ||
| ## How to put BitLocker into maintenance mode: | ||
|
|
||
| 1. Go to Control Panel and select System and Security. | ||
| 2. Select BitLocker Drive Encryption. | ||
| 3. Select the drive that is encrypted with BitLocker. | ||
| 4. Click on "Suspend protection." | ||
| 5. Make the necessary hardware or firmware changes. | ||
| 6. Go back to BitLocker Drive Encryption and click on "Resume protection." | ||
| 7. Enter the BitLocker password and wait for the encryption process to resume. | ||
|
|
||
| ### Minimum Requirements for BitLocker / BitLocker to Go | ||
|
|
||
| In order to use BitLocker, your computer must meet the following minimum requirements: | ||
|
|
||
| * Windows 10 Pro or higher | ||
| * An enabled Trusted Platform Module (TPM) version 1.2 or later | ||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
| ## Setting up BitLocker to Go for detachable or Portable Storage | ||
|
|
||
| BitLocker to Go provides a convenient and secure way to encrypt external drives and protect sensitive data stored on them. While it does have some limitations, it is a useful tool for anyone who needs to store sensitive data on an external drive. Just be sure to always keep a backup of your data and store your password in a safe place to avoid data loss. | ||
|
|
||
|
|
||
|
|
||
| To encrypt an external drive using BitLocker to Go, follow these steps: | ||
|
|
||
| 1. Connect the external drive to your Windows computer. | ||
| 2. Right-click on the drive in File Explorer and select "Turn on BitLocker". | ||
| 3. Follow the on-screen prompts to set up a password for the drive and select the encryption options. | ||
| 4. BitLocker will begin encrypting the drive, which may take some time depending on the size of the drive and the speed of your computer. | ||
|
|
||
| ## Unlocking a BitLocker to Go Drive | ||
|
|
||
| To unlock a BitLocker to Go drive, simply connect it to a Windows computer and enter the password when prompted. The drive will then be unlocked and accessible just like any other drive. | ||
|
|
||
|
|
||
|
|
||
| ### Things to keep in mind | ||
|
|
||
| - BitLocker to Go is Compatible with Windows operating systems that support BitLocker with no additional software required but is not Compatible with Mac OS or Linux without usage of Third-party Tools. | ||
|
|
||
| ## Finding Bitlocker Recovery Keys | ||
|
|
||
| Bitlocker recovery keys can be found in several places, depending on how Bitlocker was set up: | ||
|
|
||
| - In the Microsoft account: If the recovery key was saved to the Microsoft account, it can be found by signing in to the account and viewing the security information. Follow [this guide](https://support.microsoft.com/en-us/windows/finding-your-bitlocker-recovery-key-in-windows-6b71ad27-0b89-ea08-f143-056f5ab347d6). | ||
| - In the OneDrive account: If the recovery key was saved to the OneDrive account, it can be found by signing in to the account and searching for "Bitlocker." | ||
| - On a USB drive: If the recovery key was saved to a USB drive, the USB drive must be inserted into the computer to access the encrypted data. | ||
| - With the Bitlocker Recovery Console: If the recovery key was not saved to the Microsoft account or a USB drive, it can be found using the Bitlocker Recovery Console. | ||
|
|
||
| ### It is not possible to Decrypt BitLocker without them and we will not asisst in doing so. | ||
K97i marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
|
|
||
|
|
||
|
|
||
| ## Setting up VeraCrypt | ||
|
|
||
| VeraCrypt is a free, open-source disk encryption software for Windows, MacOS, and Linux. It allows you to create encrypted volumes and encrypt entire disks, including system drives. This article will cover the setup and use of VeraCrypt, as well as its advantages and disadvantages. | ||
|
|
||
| ### Minimum Requirements | ||
|
|
||
| To use VeraCrypt, you will need a computer with a compatible operating system: | ||
|
|
||
| - Windows 7 or later | ||
| - MacOS X 10.6 or later | ||
| - Linux 2.6 or later | ||
|
|
||
| ## Installing VeraCrypt | ||
|
|
||
| To install VeraCrypt, follow these steps: | ||
|
|
||
| 1. Download the VeraCrypt installer from the [official website](https://veracrypt.codeplex.com/). | ||
| 2. Run the installer and follow the on-screen prompts to install VeraCrypt. | ||
| 3. Once installed, launch VeraCrypt and follow the steps to create an encrypted volume or encrypt an entire disk. | ||
|
|
||
| ### Creating an Encrypted Volume | ||
|
|
||
| To create an encrypted volume using VeraCrypt, follow these steps: | ||
|
|
||
| 1. Launch VeraCrypt and select "Create Volume". | ||
| 2. Select "Create an encrypted file container". | ||
| 3. Follow the on-screen prompts to create a password and choose the encryption options. | ||
| 4. VeraCrypt will create an encrypted file container that can be mounted as a virtual drive. | ||
|
|
||
| ### Encrypting an Entire Disk | ||
|
|
||
| To encrypt an entire disk using VeraCrypt, follow these steps: | ||
|
|
||
| 1. Launch VeraCrypt and select "Encrypt a non-system partition/drive". | ||
| 2. Select the drive you wish to encrypt. | ||
| 3. Follow the on-screen prompts to create a password and choose the encryption options. | ||
| 4. VeraCrypt will begin encrypting the drive, which may take some time depending on the size of the drive and the speed of your computer. | ||
|
|
||
| ### Advantages and Disadvantages | ||
|
|
||
| Advantages | ||
|
|
||
| - Free and open-source | ||
| - Cross-platform compatibility | ||
| - Offers full disk encryption and encrypted volumes | ||
| - Strong encryption options | ||
|
|
||
| Disdvantages | ||
|
|
||
| - May be more difficult to set up and use than other disk encryption software | ||
| - Not as widely used as other disk encryption software, meaning there may be less support and resources available | ||
K97i marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
|
|
||
| ## Setting up LUKS | ||
|
|
||
| LUKS (Linux Unified Key Setup) is a disk encryption specification for Linux. It provides a standard for encrypting entire storage devices, including hard drives and flash drives. This article will cover the setup and use of LUKS, as well as important things to keep in mind when using LUKS encryption. | ||
|
|
||
|
|
||
| ### Minimum Requirements | ||
|
|
||
| To use LUKS, you will need a Linux operating system with the following minimum requirements: | ||
|
|
||
| - Linux kernel 2.6.x or later | ||
| - A supported Linux Distro | ||
|
|
||
| ### Encrypting a Device with LUKS | ||
|
|
||
| To encrypt a device using LUKS, follow these steps: | ||
|
|
||
| 1. Open a terminal window and enter the following command: `sudo cryptsetup luksFormat /dev/sdX` (where `/dev/sdX` is the device you wish to encrypt). | ||
| 2. Follow the on-screen prompts to create a password for the encrypted device. | ||
| 3. Enter the following command to open the encrypted device: `sudo cryptsetup luksOpen /dev/sdX cryptname` (where `cryptname` is the name you wish to assign to the encrypted device). | ||
| 4. Create a filesystem on the encrypted device: `sudo mkfs.ext4 /dev/mapper/cryptname` | ||
| 5. Mount the encrypted device: `sudo mount /dev/mapper/cryptname /mnt/mountpoint` (where `/mnt/mountpoint` is the mount point you wish to use). | ||
|
|
||
| ### Unlocking an Encrypted Device | ||
|
|
||
| To unlock an encrypted device, follow these steps: | ||
|
|
||
| 1. Open a terminal window and enter the following command: `sudo cryptsetup luksOpen /dev/sdX cryptname` (where `/dev/sdX` is the encrypted device and `cryptname` is the name you assigned to the encrypted device). | ||
| 2. Enter the password for the encrypted device. | ||
| 3. Mount the encrypted device: `sudo mount /dev/mapper/cryptname /mnt/mountpoint` (where `/mnt/mountpoint` is the mount point you wish to use). | ||
|
|
||
| ### Advantages and Disadvantages | ||
|
|
||
| Advantages: | ||
|
|
||
|
|
||
| - LUKS is broadly availible accros Linux Distributions | ||
|
|
||
| Disadvantages: | ||
|
|
||
| - No GUi | ||
| - Requires a certain degree of knowledge of the Linux Terminal | ||
| - LUKS encryption can slow down disk access speeds. | ||
K97i marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| - No way of accessing Drives on Other Operating systems wihtout usage of 3rd Party Software | ||
|
|
||
| ## Self-Encrypting Drives (SEDs) | ||
|
|
||
| Self-Encrypting Drives (SEDs) are a type of hard disk drive (HDD) or solid state drive (SSD) that encrypt all data on the disk automatically without the need for any additional software or hardware. | ||
|
|
||
| ### Advantages and Disadvantages | ||
|
|
||
| Advantages | ||
|
|
||
| - Easy to use: SEDs are simple to use, as encryption is performed automatically in the background. No additional software or hardware is required. | ||
| - Improved performance: SEDs are designed to encrypt data at the disk controller level, which minimizes the impact on system performance. | ||
| - Increased security: SEDs encrypt all data on the disk, including data in use, which provides a higher level of security than traditional software-based encryption methods. | ||
| - More affordable: SEDs are becoming more affordable, making them an attractive option for organizations that need to secure data on a budget. | ||
|
|
||
| Disadvantages | ||
|
|
||
| - Limited compatibility: SEDs are not compatible with all operating systems, and some systems may require additional software to use them. | ||
| - Reduced performance: In some cases, the encryption process performed by SEDs can reduce system performance. | ||
| - Insecure Encryption methods: Not every drive has equal security as it depends on the method used. If the method has flaws or is vulnerable it can't be changed in most cases. | ||
|
|
||
|
|
||
| ### Risks | ||
|
|
||
| - Data loss: If the encryption key is lost or forgotten, the data on the SED will be inaccessible. | ||
| - Physical damage: In the event of physical damage to the SED, the encrypted data may become inaccessible. | ||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
K97i marked this conversation as resolved.
Show resolved
Hide resolved
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Editing
/etc/resolv.confisn't advisable on distros using theNetworkManagerorsystemd-resolvedservice as both will modify/etc/resolv.confthemselves.Use the GUI, or
nmcliorresolvectlif you know what you are doing. It might be wise to edit/add files in/etc/netplan/or/etc/network/interfaces.d/depending on what's available.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
systemd-resolvedcan be configured by hand or vianetplan.