shukko·8 adimda centos / ubuntu uzerinde hizli PPTP için yorumlar kapalı


1- kur
centos:
rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install pptpd

ubuntu:
apt-get install pptpd

2- ip tanimla
nano /etc/pptpd.conf

en alta ekle

localip 10.0.0.1
remoteip 10.0.0.100-200

3- kullanici adi sifre tanimla
nano /etc/ppp/chap-secrets

user1 pptpd password *

4- dns sunucu tanimla
nano /etc/ppp/pptpd-options

ms-dns 8.8.8.8
ms-dns 8.8.4.4

5- servisi baslat
service pptpd restart

6- ipv4 forwardingi ac
nano /etc/sysctl.conf

net.ipv4.ip_forward = 1

7- degisiklikleri uygula
sysctl -p

8- iptables ile NAT kurali tanimla
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save

PPTP clientlerin birbirleri ile konusabilmesi icin bunlarida ekleyebilirsin

iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.0.0.0/8 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT

Bitti - Gule Gule Kullan

EK1- windows icin client yapilandirmasi
http://www.hideipvpn.com/2009/09/howto-windows-7-pptp-vpn-setup-tutorial/

shukko·basitce indirdigimiz isolardan bootable usb flash drive uretelim. için yorumlar kapalı
Linux

WARNING, the following instructions will destroy any existing data on your USB stick.

Determine what device your USB is.  With your USB plugged in run:

sudo ls -l /dev/disk/by-id/*usb*

This should produce output along the lines of:

lrwxrwxrwx 1 root root  9 2010-03-15 22:54 /dev/disk/by-id/usb-_USB_DISK_2.0_077508380189-0:0 -> ../../sdb
lrwxrwxrwx 1 root root 10 2010-03-15 22:54 /dev/disk/by-id/usb-_USB_DISK_2.0_077508380189-0:0-part1 -> ../../sdb1

In this example output, the USB device is sdb

Now cd to where your *.iso is

cd ~/downloads

Example

sudo dd if=filename.iso of=/dev/usbdevice bs=4M; sync

lets say the iso is named mini.iso and your USB device is sdb

Example

sudo dd if=mini.iso of=/dev/sdb bs=4M; sync

NOTE – Be sure to understand that there is never a trailing number on the end of your /dev/sdx USB device

shukko·Linux: Block Port With IPtables için yorumlar kapalı

http://www.cyberciti.biz/faq/iptables-block-port/

 

 

Block Incoming Request From IP 1.2.3.4

The following command will drop any packet coming from the IP address 1.2.3.4:

 
/sbin/iptables -I INPUT -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -s 1.2.3.4 -j DROP

You can also specify an interface such as eth1 via which a packet was received:

 
/sbin/iptables -I INPUT -i {INTERFACE-NAME-HERE} -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT -i eth1 -s 1.2.3.4 -j DROP

Please note that when the “!” argument is used before the interface name, the sense is inverted:

 
/sbin/iptables -I INPUT ! -i {INTERFACE-NAME-HERE} -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT ! -i eth1 -s 1.2.3.4 -j DROP

If the interface name ends in a “+”, then any interface which begins with this name will match. If this option is omitted, any interface name will match:

 
/sbin/iptables -I INPUT  -i {INTERFACE-NAME-HERE}+ -s {IP-HERE} -j DROP
/sbin/iptables -I INPUT  -i br+ -s 1.2.3.4 -j DROP

You can replace -I INPUT (insert) with -A INPUT (append) rule as follows:

 
/sbin/iptables -A INPUT  -s 1.2.3.4 -j DROP
/sbin/iptables -i eth1 -A INPUT  -s 1.2.3.4 -j DROP

How Do I Block Subnet (xx.yy.zz.ww/ss)?

Use the following syntax to block 10.0.0.0/8 on eth1 public interface:
# /sbin/iptables -i eth1 -A INPUT -s 10.0.0.0/8 -j DROP

How Do I Block and Log Dropped IP Address Information?

You can turn on kernel logging of matching packets with LOG target as follows:
# /sbin/iptables -i eth1 -A INPUT -s 10.0.0.0/8 -j LOG --log-prefix "IP DROP SPOOF A:"
The next rule will actually drop the ip / subnet:
# /sbin/iptables -i eth1 -A INPUT -s 10.0.0.0/8 -j DROP

How Do I View Blocked IP Address?

Simply use the following command:
# /sbin/iptables -L -v
OR
# /sbin/iptables -L INPUT -v
OR
# /sbin/iptables -L INPUT -v -n
Sample outputs:

Chain INPUT (policy ACCEPT 3107K packets, 1847M bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  br+    any     1.2.3.4              anywhere
    0     0 DROP       all  --  !eth1  any     1.2.3.4              anywhere
    0     0 DROP       all  --  !eth1  any     1.2.3.4              anywhere

How Do I Search For Blocked IP Address?

Use the grep command as follows:
# /sbin/iptables -L INPUT -v -n | grep 1.2.3.4

How Do I Delete Blocked IP Address?

First, you need to display blocked IP address along with line number and other information, enter:
# iptables -L INPUT -n --line-numbers
# iptables -L INPUT -n --line-numbers | grep 1.2.3.4
Sample outputs:

num   pkts bytes target     prot opt in     out     source               destination
1        0     0 DROP       0    --  *      *       116.199.128.1        0.0.0.0/0
2        0     0 DROP       0    --  *      *       116.199.128.10       0.0.0.0/0
3        0     0 DROP       0    --  *      *       123.199.2.255        0.0.0.0/0

To delete line number 3 (123.199.2.255), enter:
# iptables -D INPUT 3
Verify the same, enter:
# iptables -L INPUT -v -n
You can also use the following syntax:
# iptables -D INPUT -s 1.2.3.4 -j DROP

How Do I Save Blocked IP Address?

If you are using Redhat / RHEL / CentOS / Fedora Linux, type the following command:
# iptables -D INPUT -s 1.2.3.4 -j DROP
##########################
#////// command to save iptables ///////#
##########################
# /sbin/service iptables save
# less /etc/sysconfig/iptables
# grep '1.2.3.4' /etc/sysconfig/iptables
For all other Linux distributions use the iptables-save command to dump the contents of an IP Table to a file:
# iptables-save > /root/myfirewall.conf
Please not that you need to run the ‘iptables-save’ or ‘service iptables save’ as soon as you add or delete the ip address.

A Note About Restoring Firewall

To restore your firewall use the iptables-restore command to restore IP Tables from a file called /root/myfirewall.conf, enter:
# iptables-restore < /root/myfirewall.conf

How Do I Block Large Number Of IP Address or Subnets?

You need to write a shell script as follows:

#!/bin/bash
_input="/root/blocked.ip.db"
IPT=/sbin/iptables
$IPT -N droplist
egrep -v "^#|^$" x | while IFS= read -r ip
do
	$IPT -A droplist -i eth1 -s $ip -j LOG --log-prefix "IP BlockList "
	$IPT -A droplist -i eth1 -s $ip -j DROP
done < "$_input"
# Drop it
$IPT -I INPUT -j droplist
$IPT -I OUTPUT -j droplist
$IPT -I FORWARD -j droplist

See also: iptables: Read a List of IP Address From File And Block

Block Outgoing Request From LAN IP 192.168.1.200?

Use the following syntax:
# /sbin/iptables -A OUTPUT -s 192.168.1.200 -j DROP
# /sbin/service iptables save
You can also use FORWARD default chainswhen packets send through another interface. Usually FORWARD used when you setup Linux as a router:
# /sbin/iptables -A FORWARD -s 192.168.1.200 -j DROP
# /sbin/service iptables save

 

shukko·proxmox ve flashcache nasil? / how to proxmox and flashcache? için yorumlar kapalı

proxmox uzun zamandir kullaniyorum. Hatta ilk versyonlardan bir tanesinin cevirilerinide yapmistim. Sitelerinde bir yerlerde hala contributor olarak adim gecer. Hosuma gider.
Proxmox ile ilgili sikinti sudur ki. Gelistiricileri en basindan itibaren hedef kitleleri olarak enterprise tarafi dusunduklerinden bazi cok gereken seyleri inatla yapmak istemezler. Mesela containerler icin bandwidth takibi gibi.
Her neyse konu bu degil.
Konu kurdugum herhangi bir proxmox sunucumda yuksek disk I/O sunun eninde sonunda cpu gucu veya salt ramden daha kiymetli bir sey olmasi.

en son kurulum senaryoma gecelim.

sunucu: supermicro
cpu: Intel Xeon E3 1240V2
Ram: 32 Gb ECC
Raid Kart: Adaptec Series 6 – ASR-6805 – 8 internal 6G SAS ports
512 Mb cache
Diskler: Western Digital RE4 WD1003FBYX 1TB 3.5″ SATA 3.0Gb / s x 4 ( RAID 10 )
ve
SSD 840 PRO Seri 120GB x 2 ( RAID 1 )

Yapmak istedigim:

SSD CACHED olarak kullanmak istiyorum Proxmox sistemimi.
3 secenek var SSD CACHE diyince

1- flashcache – facebook yazmis bunu
2- bcache – 3.x kernellerde var
3- commercial http://www.velobit.com/products/HyperCache/ bunu western digital satin aldi gelecegi belirsiz. Zaten cok para. Kapali kaynak kodlu sey sux 🙂

Proxmox kernellerimiz 2.x serisi olduguna gore zaten flashcache kullanmaktan baska secenegimiz yok

NASIL KURDUM:

1- RAID 10 Array uzerine normal sekilde proxmox umu kurdum
linux swapsize=8 maxroot=20
diyerek disk buyuklugumude ayarladim kurarken
2- geri kalani buradan takip ettim , kendime uyarladim
http://florianjensen.com/2013/01/02/adding-flashcache-to-proxmox-and-lvm/

3- http://forum.proxmox.com/threads/14023-Flashcache-on-Proxmox-3-x
su topicden cok faydalandim

4- .bashrc_history dosyam derki :

df -h
fdisk -l
uname -a
pveversion -v
nano /etc/apt/sources.list
-----
deb http://ftp.de.debian.org/debian wheezy main contrib

# PVE pve-no-subscription repository provided by proxmox.com, NOT recommended for production use
deb http://download.proxmox.com/debian wheezy pve-no-subscription

# security updates
deb http://security.debian.org/ wheezy/updates main contrib

-----
nano /etc/apt/sources.list.d/pve-enterprise.list
------
#deb https://enterprise.proxmox.com/debian wheezy pve-enterprise
------

apt-get update
apt-get dist-upgrade
apt-get install dkms build-essential git
reboot
uname -a
apt-get install pve-headers-2.6.32-25-pve

------
BURAYA KADAR BASITCE SISTEMI GUNCELLEDIK VE KERNEL HEADERLARINI SISTEME EKLEDIK
SIMDI FLASHCACHE KURULUMUNA GELDI SIRA

DISK YAPIMIZ /dev/sda raid10 sata
/dev/sdb raid1 SSD
-------
FLASHCACHE INDIRIP DERLEYIP SISTEME EKLEYELIM:

git clone git://github.com/facebook/flashcache.git
cd flashcache/
make -f Makefile.dkms boot_conf
make install
modprobe flashcache
echo flashcache >> /etc/modules

fdisk -l
fdisk /dev/sdb

umount /var/lib/vz

flashcache_create -p back pvec-storage /dev/sdb1 /dev/mapper/pve-data

mount /dev/mapper/pvec-storage /var/lib/vz

echo 1 > /proc/sys/dev/flashcache/sdb1+pve-data/fast_remove

nano /etc/fstab
--------
#/dev/pve/data /var/lib/vz ext3 defaults 0 1

bunu fstab icinden devre disi birakalim.
--------
flashcache sistem acilirken baslasin diye en son betigimizide yazalim

nano /etc/init.d/flashcache
-------

#!/bin/sh

# Start or stop Flashcache

### BEGIN INIT INFO
# Provides: flashcache
# Required-Start:
# Required-Stop: $remote_fs $network pvedaemon
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Flashcache SSD caching
# Description: Flashcache SSD caching
### END INIT INFO

PATH=/bin:/usr/bin:/sbin:/usr/sbin

flashcache_start() {
if df -h | grep /var/lib/vz > /dev/null
then
echo "Flashcache allready running"
else
flashcache_load /dev/sdb1
mount /dev/mapper/pvec-storage /var/lib/vz
echo 1 > /proc/sys/dev/flashcache/sdb1+pve-data/fast_remove
echo "Flashcache started"
fi
}

flashcache_stop() {
if df -h | grep /var/lib/vz > /dev/null
then
umount /var/lib/vz
dmsetup remove pvec-storage
echo "Flashcache stopped"
else
echo "Flashcache not running"
fi
}

case "$1" in
start)
flashcache_start
;;

stop)
flashcache_stop
;;

restart)
$0 stop
$0 start
;;
esac

exit 0

-------
sonra bunu sistem acilisinda calisir hale getirelim

chmod +x /etc/init.d/flashcache
update-rc.d flashcache defaults

reboot

edelim dua edelim
hersey yolunda ise acilsin sorunsuz.

df -h

duruma bakalim

cat /proc/flashcache/sdb1+pve-data/flashcache_stats

OLDU BITTI MASALLAH.
SU AN BU SISTEMI PRODUCTION HALE HENUZ GETIRMEDIM.
PVEPERF VERILERI ACINASI DURUMDA
ANCAK SONUCTA PRODUCTIONA BASLADIKTAN SONRA BAKALIM NE OLACAK

shukko·linux ve uzak masa ustu baglantisi için yorumlar kapalı

uzak masaustune baglanmak cok guzel birsey

linux icin cesitli secenekler var

vnc olabilir – ne yaparsan yap hep yavas calisyor

freerdp olabilir – kurmasi hep eziyet olmak zorundami ? kurduktan sonrada baglanti istedigim gibi degil

nomachine var – 3.5 versyonu ucretsizdi kurulup calisiyordu. Sorunlari vardi clientin buglari vardi. hadi idare ettik . 4 versyonu iyice sacmaladi kalbimi kirdi. kaynak kodu kapali sey zaten.

freenx var – acikcasi bir turlu basarili bir sekilde calistiramadim bunu – cok da ugrasmadim ya neyse

birde BOMBA var

x2go

x2go yu uzun zaman once duymustum

gene nx nomachine teknelojisini kullaniyor – ama ne nx ne freenx gibi degil

bas gelistiricisi tam bir capulcu imis 🙂 hosuma gitti

su an tum linux uzak masaustu islerimi x2go ile yapiyorum.

inanilmaz memnunum.

Linuxda gercek RDP performansi almaya basladim.

Hep olmasi gereken bu zaten. Neden bu kadar ugrastirirlarki insani.

Ubuntu varyantlarina nasil kuracagiz

cok basit

sunucu kurulumu icin sunlari yap
sudo apt-get install python-software-properties

sudo add-apt-repository ppa:x2go/stable
sudo apt-get update
sudo apt-get install x2goserver x2goserver-xsession

client kurmak icin
sudo apt-get install python-software-properties

sudo add-apt-repository ppa:x2go/stable
sudo apt-get update
sudo apt-get install x2goclient

Oldu bitti masallah

Client yazilimi her connection icin yeni pencere acmak ister. Buda biraz amele bir olay pardon yani.
Bunun icinde pyhoca-GUI diye bir sey yazmislar.
10 numara masallah

kurmak icin
sudo apt-get install pyhoca-gui

Daha bir insan ne ister? RDP performansi nihayet en sonunda.

=====================

EK: ozellikle 14.04 lubuntuda masaustu ile ilgili problem yasiyordum

cozumu su sekilde

x2go client uzerinden (pyhocagui ile degil)

profili editleyip

custum desktop sectikten sonra

lxsession -s Lubuntu -e LXDE

 

yazmak gerekiyor

sonrasinda sorunsuz masaustu calisiyor.

=====================

X2GO sitesi

http://wiki.x2go.org/doku.php/start

Birde capulcu developerin sunumu var.

Bu adresde:

GUNCELLEME 06-06-2021

hala x2go kullaniyorum. yillar oldu

memnundum ama son zamanda xubuntu 21.04 upgrade ile birlikte xfce sessionlarda bir haltlar olmaya basladi

once acaba waylandmi olduk otomatik dedim yok wayland olsak hic calismaz zaten

o zaman kurcalarken su sekilde bir sey ile karsilastim

xfwm4 xfce sessionun bilmemnesi yuzunden salak salak ekranda artifactlar falan oluyor

o zaman xfwm4 yerine openbox kullanalim

display manager galiba bu ya neyse detayini bosver

su sekilde yap xubuntu 21.04 icin en azindan bu gecerli

sudo apt-get install openbox obconf 

openbox --replace & exit

yeniden login ettin tamam oldu. display manager degisti ancak gorunen hic bisi degismedi.

detaylari su adresden almistim.

http://lxlinux.com/xfce4openbox.html

shukko·vestel klima e7 hatasi ve giderilmesi için yorumlar kapalı

normal calisan vestel klimamiz E7 hatasi verip calismamaya basladi.

servisi aradik

cok yogunuz abi gelemeyiz 2 3 gun sonra geliriz dediler

klimamiz sistem odamizda olacak ismi bu?

servis bokuna arastirdik ve ogrendik

E7 hatasi gelince

kumandayi once bir takim rakamlar icin programliyorsun

rakamlari sonra klimaya gonderiyorsun

klima sifirlaniyor oluyor bitiyor

Kumandaya girilecek kod klima marka model ve BTU suna gore degisiyor

vestel icin su sekilde kodlar

9000 btu: 045405 1A00EA
1200 BTU: 045405 1A00Fb
18000 btu: 0A5417 12024E
24000 BTÜ: 0A5617 120340

 

bu kodu nasil girecegiz kumandaya

Kumandanın Reset, + ve – Tuşlarına 1-2 Saniye Basılı Tutun Ve Reset’i Bırakın.
Ekranda

00 00
00

veya

Pili sok kumandadan

yeniden pili takarken + ve – ye basili tut

00

yazarsa kod girmeye hazir demektir.

 

kodu su sekilde girecegiz:

+ Tuşu 1. Rakamı
- Tuşu 2. Rakamı
Fan Tuşu 3. Rakamı
Turbo Tuşu 4. Rakamı
gulucuk Tuşu 5. Rakamı Değiştiriyor.

sonra mode tusuna bas

ikinci 6 rakam kodu gir

Sonra Kumandanızı Klimaya Doğru Tutup, Güç Tuşuna Basın. Klimanız Muhtemelen Çalışacaktır.

 

Bu islem bu kadar

 

kumandayi resetlemek icin

pilleri sok bekle geri tak

oldu bitti.

 

 

shukko·X-Sys system information plugin for X-Chat için yorumlar kapalı

X-Sys system information plugin for X-Chat

http://dev.gentoo.org/~chainsaw/xsys/

Commands go public (display in a channel or private conversation) by default, you can prefix a command with E to use it privately, so only you can see the output.

The following commands are supported:

  • SYSINFO
    Displays basic system information; such as operating system information, video card type and free disk space. CPU count and basic specifications are displayed, but extended CPU information such as cache size is not displayed.
  • XSYS2FORMAT
    Allows you to change the markup codes used in the plugin’s output, for when you don’t like the default colours.
  • PLAYING
    Allows you to change the now_playing text for /np.
  • NPACTION
    Allows you to enable/disable the display of now playing as an action instead of regular text.
  • PERCENTAGES
    Allows you to enable/disable the use of percentages in memory and swap information.
  • CPUINFO
    Shows the CPU count and extended specifications, which includes the cache size of the CPU in use. More details may be added in future versions.
  • MEMINFO
    Shows memory and swap usage in megabytes.
  • DISKINFO
    Displays mountpoints in use. Both size and usage are reported.
  • SOUND
    Displays soundcard type (brand name and type).
  • VIDEO
    Displays videocard type.
  • NP
    Displays the currently playing song in your media player (which could be Audacious, Beep Media Player or XMMS).
  • NETDATA
    Displays total network traffic on a given interface. You need to pass the interface name with the command; example:
    /NETSTREAM eth0
  • NETSTREAM
    Displays current network traffic on an interface. Note that this command has a lag of about 2 seconds because the traffic needs to be measured. Pass an interface name such as eth0.
  • ETHER
    Displays ethernet card type.

shukko·Huawei E353 HILINK modem ( nam-i diger Turkcell VINN) için yorumlar kapalı

Huawei E353 HILINK modem ( nam-i diger Turkcell VINN)

bu 3g usb stick modem pek guzel

takiyorsun pc ye

direk kendisi nat yapiyor

kendi ip adresini 192.168.1.1 veriyor

bu adresde bir websitesi calistiriyor

baglandigi pc de bir usb ethernet karti olusturup 192.168.1.100 ip veriyor

sikir sikir NAT uzerinden nete giriyor.

FAKAT ! BIR PROBLEM VAR!

ben bu modemi uzak masaustu yapmak icin kullanmak istiyorum

Ancak bu modda iken salak NAT hic bir sekilde port forwarding vs vs yapamiyor.

Bu durumda Uzunca suren arastirmalardan sonra

asagidaki dokumana rasladim. Bir amca HILINK firmwareini dump etmis

oradan bir baskasida dokumani yazmis

kisaca modemin nat olarak calismasini degil direk DIAL UP PPP yapmasini sagliyoruz

su sekildedir dokuman

bu E3131 den bahsediyor ancak ayni sey E353 icinde calisiyor.

—————

Huawei E3131 – Disabling HiLink and turning into a dialup modem.

For a while been searching for the holy grail of disabling HiLink and reverting my new Huawei E3131 dongles back to the dialup modem based operation of previous dongles.

First step is to enable the serial console. To do this plug in your dongle and visit the following webpage

http://192.168.1.1/html/switchProjectMode.html

The modem will now restart and present a couple of serial interfaces instead.

Connect to the fist of the two interfaces, eg /dev/ttyUSB0 with a Baud rate of 9600bps using a terminal client of your choice. I used minicom, which is available in most distros repos. And type the modem the following command.

AT^U2DIAG=0

If this is succesful it will respond with OK.
This will cause the device to permamently function in modem mode when plugged in. To restore its HiLink functionality. Do the same and send the following command instead.

AT^U2DIAG=119

Once the device has had its mode changed in this way. It requires removing and plugging back in to take effect.

Operating in modem mode it will change its product ID and should look like this (lsusb)

Bus 001 Device 082: ID 12d1:1c05 Huawei Technologies Co., Ltd. E173s 3G broadband stick (modem on)

If you don’t have the virtual tty’s created upon device insertion. Then manually bind it too the option module like follows (As root obviously)

echo “12d1 1c05″ > /sys/bus/usb-serial/drivers/option1/new_id

From there you can dial out as accustomed using the first created virtual tty. eg, /dev/ttyUSB0

———-

 

KISACA

1-  modemi tak

2-   http://192.168.1.1/html/switchProjectMode.html bu sayfayi ac modem reboot edip usb baglanti noktalari olusturacak

3- bu noktalara telnet ile baglan baud rate 9600

4- bu konutu calistir AT^U2DIAG=0

5- modem PPP dial UP modem oldu bitti

6- sok tak dial up baglanti olustur baglan

7- eski haline cevirmekmi istiyorsun gene telnet eyle

ve

AT^U2DIAG=119

yaz

OK

yanitini al

oldu bitti modem gene nat yapar.

 

Tesekkurler VINN 🙂

 

 

 

ONEMLI NOT:

Bir seyi farkettim, Turkcell default APN Internet ile baglandiginda dial up olarak eskisi gibi Reel internet Ip adresi vermiyor

Oda nat yapiyor

100.xxx.xxx.xx diye bir blokdan ip veriyor

seni nat uzerinden cikartiyor.

Ama benim 3g modemimde sabit ipim var , parasini oduyorum

188.x.x.x diye bir ip. Modemi standart NAT haline getirip baglan dedigimde 3g statik olarak bu ipide goruyorum

simdi bu ipi PPP dialup esnasinda nasil pcme tanimlarim o kaldi.

Onuda yaparsam oldu bu is demektir 🙂

 

shukko·Free & Public DNS Servers (Updated August 2013) için yorumlar kapalı

Taken From: http://pcsupport.about.com/od/tipstricks/a/free-public-dns-servers.htm

Free & Public DNS Servers (Updated August 2013)

Provider Primary DNS Server Secondary DNS Server
Level31 209.244.0.3 209.244.0.4
Google2 8.8.8.8 8.8.4.4
Securly3 184.169.143.224 184.169.161.155
Comodo Secure DNS 8.26.56.26 8.20.247.20
OpenDNS Home4 208.67.222.222 208.67.220.220
DNS Advantage 156.154.70.1 156.154.71.1
Norton ConnectSafe5 198.153.192.40 198.153.194.40
SafeDNS7 195.46.39.39 195.46.39.40
OpenNIC8 74.207.247.4 64.0.55.201
Public-Root9 199.5.157.131 208.71.35.137
SmartViper 208.76.50.50 208.76.51.51
Dyn 216.146.35.35 216.146.36.36
censurfridns.dk10 89.233.43.71 89.104.194.142
Hurricane Electric11 74.82.42.42
puntCAT12 109.69.8.51

[1] The DNS servers listed above as Level3 will automatically route to the nearest DNS server operated by Level3 Communications, the company that provides most of the ISPs in the US their access to the Internet backbone.

[2] Google also offers IPv6 public DNS servers: 2001:4860:4860::8888 and 2001:4860:4860::8844.

[3] Securly’s DNS servers block adult content by default, including of course X-rated content but also adult oriented pages on websites like Wikipedia, adult themed searches on Google, and more. The grown-ups in the house can sign up here to bypass all restrictions.

[4] OpenDNS also offers DNS servers that block adult content, called OpenDNS FamilyShield. It’s also free but you do have to sign up here. A premium DNS offering is also available, called OpenDNS Home VIP.

[5] The Norton ConnectSafe DNS servers listed above block sites hosting malware, phishing schemes, and scams. Use 198.153.192.50 and 198.153.194.50 to block those sites plus those with pornographic content. Use 198.153.192.60 and 198.153.194.60 to block all previously mentioned site categories plus those Norton deems “non-family friendly.”

[7] Register here with SafeDNS for content filtering options in several areas.

[8] The DNS servers listed here for OpenNIC are just two of many in the US and across the globe. Instead of using the OpenNIC DNS servers listed above, see their complete list of public DNS servers here and use two that are close to you or let them tell you that automatically here. OpenNIC also offers some IPv6 public DNS servers.

[9] These Public-Root DNS servers are the only two currently operating in the United States but if you’re located ouside the US, see their complete list here and choose the best servers based on your location.

[10] The censurfridns.dk DNS servers are uncensored, operated by a privately funded individual, and are physically located in Denmark. You can read more about them here. IPv6 DNS servers are also available at 2002:d596:2a92:1:71:53:: and 2002:5968:c28e::53

[11] Hurricane Electric also has an IPv6 public DNS server available: 2001:470:20::2.

[12] puntCAT is physically located near Barcelona, Spain. The IPv6 version of their DNS server is 2a00:1508:0:4::9.

Note: Primary DNS servers are sometimes called preferred DNS servers and secondary DNS servers are sometimes called alternate DNS servers. Primary and secondary DNS servers can be “mixed and matched” to provide another layer of redundancy.