Local DNS with Dnsmasq running in Ubuntu LXC - Proxmox tutorial series

Captions
Are you tired of remembering the IP numbers for all of the servers in your internal network? Why don't you just set up a local DNS server so that you can just use the names instead of the IP numbers? In this video I will walk through the process of installing dnsmasq, which provides DNS, DHCP, router advertisement and network booting capability to a small network. The features we're going to look at are the DNS server capability and the DHCP capability.

If I have a new machine on my network that is named evilbox, I can't just ping evilbox without telling the system of its existence. I will get an error of unknown host. So if I do ping evilbox, I would get this error. So the easiest thing to do for adding the capability of domain name resolution is to edit the /etc/hosts file, which is available in Linux and macOS. On Windows it is also available under C:\Windows\System32\drivers\etc\hosts. So I'm going to go ahead and do sudo vi /etc/hosts. I'm going to add the IP number of evilbox in addition to the name evilbox, then go ahead and quit and save this file. Now, when I'm back on my command line, I can go ahead and ping evilbox, because my system is now looking at the hosts file for the domain name resolution.

This is great, but if this machine reboots, or if I want to be able to access evilbox from another machine in my local network, then this method won't work, right? I would have to edit the /etc/hosts file on every single machine. So the other thing I can do is edit the /etc/resolv.conf file on all of my clients to point to the name server of 192.168.1.207, right, my local DNS. But that's a lot of manual work, right? Plus, how about those devices that you can't really edit, like phones and tablets? We can solve that problem using the dnsmasq program to serve as a DNS server and a DHCP server.

Let's start creating a Linux container in my Proxmox virtual environment that I had set up in a separate video. I'm first going to click on the Create CT button up here to create an LXC for running dnsmasq. All right, in the General tab we can set the CT ID, which I'm going to make 207, and then a hostname of dnsmasq-ct, because that's what the container is going to do, it's fairly descriptive. Then I'm going to add a password and make sure that the unprivileged container is checked and nesting is also checked. I'm going to hit Next, and then we see the Template tab. I'm going to select the only storage pool I have, and then for the template I'm going to use Ubuntu 22.04. I'm going to hit Next, and then we're going to see the Disk tab. I'll be asked to select the storage pool and the disk size, which I'm going to take the default of 8 gigs, and I'm going to hit Next. Then we see the CPU tab. Once again I'm going to take the default of one core for this container, and then I'm going to hit Next and see the RAM tab. I'm going to leave the default of 512 megs of RAM and 512 megs of swap. I'm going to hit Next, and then we see the Network tab. Here I'm going to leave the firewall checked as the default, and then I'm going to set a static IP of 192.168.1.207 for the IPv4, and then I'm going to add the /24 for the CIDR notation for this network, and for the gateway I will enter 192.168.1.1. Then I'm going to hit the Next button, and then we see the DNS tab. I'm going to type in the local domain name as bluemonkeyforensics.local, and then for DNS servers I will use the Google one of 8.8.8.8. I'm going to hit Next and we're going to see the confirmation page. Read over everything to make sure this is what you want, and then down here I'm going to leave this unchecked, the "start after created", because I'm going to need to do some things. So I'm going to leave that unchecked and then hit Finish and let it create the container.

Okay, when it's done with creating the container, we can boot the container and then log in with the credentials we just created. The first thing I'm going to do is perform updates and upgrades to make sure that I have the latest and greatest system software. So I'm going to do an apt update && apt upgrade -y to answer yes to everything. When that is done, I'm going to install the dnsmasq server software by doing apt install dnsmasq. It installs fairly fast, but it looks like during the install it failed with the error of failure to create listening socket for port 53, address already in use.

All right, so the question is what is using it. So let's find out. There's two different ways, well, there's more than two, but the two ways I'm going to look at here. One is lsof, right, to look at all the open files, and pipe that to grep -i listen. That is going to show us all the listening ports, and here we see port 53 is being used by systemd-resolve. All right, let's take a look at another way of finding out what is using that port. We can use netstat -4nltp, and unfortunately this container doesn't have the net tools, so I'm going to go ahead and install them with apt install net-tools. Once that's done, I'm going to go ahead and do netstat -4nltp, and once again it comes back and shows us that port 53 is being used by systemd-resolve.

So let's go ahead and stop that process so that we can actually use that port. The way to do that is doing systemctl stop systemd-resolved, and when it comes back it gives us no feedback, so let's go ahead and get our own by doing systemctl status systemd-resolved. What we see is that the process is inactive, which is good, that's what we did by stopping it, but it's still enabled, which means it will restart upon reboot of this machine, which we don't want, because we want to run the dnsmasq service to handle DNS and use port 53 instead of systemd-resolved. So to make sure it does not restart on reboot, we can go ahead and disable that service by doing systemctl disable systemd-resolved. Again we get no feedback, so let's go ahead and do systemctl status systemd-resolved, and here we can see that it is now disabled.

All right, a couple of things that I want to do before I go back and restart the dnsmasq service. As we discussed in a different video, the file /etc/resolv.conf is transferred by the DHCP server to the client when an IP is issued, right? So if we look at the /etc/resolv.conf on this machine here, if we do a more, we see that the name server is set to 8.8.8.8, but we want to change this to refer to a local DNS on this machine. So I'm going to go ahead and delete the resolv.conf file. Actually, technically I don't want to really delete it, I want to just change the name of it in case I change my mind. So I'm going to do mv /etc/resolv.conf to /etc/resolv.conf.bkp. All right, so now we've gotten rid of the resolv.conf file.

Let's take a look at the next step. Because we want to run our own name server using dnsmasq, let's go ahead and edit the config file for dnsmasq at /etc/dnsmasq.conf. I'm going to go ahead and vi /etc/dnsmasq.conf, and there's a couple of things that we want to go ahead and change. Right now this template has everything commented out, so we want to uncomment some things. The first thing we want to do is uncomment this thing down here that says domain-needed. We don't want to forward any plain names that don't have a domain, right? So we need a domain before it gets forwarded, so that's a good thing. We also want to uncomment this line that says bogus-priv, because we don't want to forward any addresses in the non-routable space. The third thing we want to do is this line down here that says no-resolv. You actually want to uncomment that as well, because we don't want the system to read the resolv.conf file, we want the system to get the name server from this file. And down here I'm going to actually specify server equals 8.8.8.8. All right, so because there is no-resolv, it's going to come and look at this as the outside external DNS server. We're going to come down a little more, and we are going to have this line that says local equals bluemonkeyforensics.local, because this is going to be our local domain on the internal network here. Then looking down a little more, we want to add the host names, right, that are not complete, so we want to uncomment expand-hosts, and then attached to that is the name that we actually want to expand it to, so domain equals bluemonkeyforensics.local.

Since we're already editing this file, let's also update the DHCP configuration. So far we've only been doing DNS-related configurations. All right, so the first thing we want to do is set up how DHCP is going to assign the IP numbers. I'm going to give it a range from 192.168.1.200, it's going to go to 192.168.1.250, and then the netmask is going to be 255.255.255.0, and then lastly the lease time is 12 hours. Next we're also going to add an option, so dhcp-option equals option colon router comma 192.168.1.1. This is going to tell the system the router is at 1.1. We're going to add another option, dhcp-option equals option colon dns-server comma 192.168.1.207, right, so .207 is going to be our DNS server. And lastly we want to uncomment the line that is dhcp-authoritative, right, so we want to make sure the network knows that this is the DHCP service to listen to. Okay, we can go ahead and write and quit this file.

Just as a summary, if we want to take a look at the lines that we just uncommented or added, what we can do is grep -v -e "^#" -e "^$" /etc/dnsmasq.conf. What this does: -v is basically reverse, so everything that doesn't match the pattern will be displayed. The patterns we want to match are caret dollar sign, where the caret is the beginning of line and dollar is the end of line, so if you just have caret dollar, that means it's a blank line. We also want to filter out the caret pound, which is basically having pound as the first character of a line, which is basically all the commented-out lines. So now we can see these are all of the lines that we just added or uncommented.

All right, the next thing we need to do is update the /etc/hosts file with the names of the machines on the local network and their associated IPs, right, so this is a centralized location for all of the mappings. I'm going to go ahead and vi /etc/hosts. The localhost is already there, I'm going to leave that be. What I'm going to do is add 192.168.1.119, that's our Proxmox server. I'm going to add 192.168.1.177, and I'm going to call it airdrop, space, snapdrop, so you can put multiple names and they both will resolve to one IP. And lastly I'm going to put 192.168.1.77, and that's our OpenVPN service. Keep in mind you don't want to edit any text in between these PVE sections, because they're going to get overwritten.

All right, so now that we've done that, let's go ahead and start the dnsmasq service by doing systemctl start dnsmasq, and then to make sure that it also starts upon reboot we can do systemctl enable dnsmasq. All right, so everything should be running. Let's go ahead and test it from a machine that is on the network. Now if we do a ping from our client machine, I'm going to do ping snapdrop, this would fail, because the machine has not received the updates from the DNS server. We have one more step to go.

We are almost done with setting up our local DNS, but before we continue, please click on the thumbs up icon to like this video, and while you're at it please subscribe if you haven't already done so. It is not for the YouTube algorithm, which I'm not sure if it's even a thing, it just gives me an ego boost.

Now we can continue to make changes to our router. My network is currently configured such that the dnsmasq machine is running DHCP and DNS, plus our router is also running DHCP. So what I need to do is to tell the router to stop running DHCP. Keep in mind that this next step will be different for everyone, as your network may be set up differently and your router is most likely going to be different than mine. On my FiOS router I'm going to go ahead and click on the Advanced tab, and then under network settings go into network connections, and then from there look for the network for home/office. Once in there I'm going to do settings and then look for this thing that says IP address distribution. Currently it is set for DHCP server, right, so here are the settings for what my router is doing as a DHCP server, but I'm going to go ahead and switch this to disabled, as I have dnsmasq doing all that. Once I'm ready with that, I'm going to hit save changes, and that's all we need to do with the router to turn off the DHCP service.

Now I'm going to go ahead and reboot my client machine, and once it comes back up I'm going to type resolvectl status. What I'm looking for here is that the DNS is going to be updated to point to our dnsmasq server of 192.168.1.207. And if we ping snapdrop, we can now see that the machine responds, and we can also see that a fully qualified domain name is attached, right, so it's actually snapshot.bluemonkeyforensics.local.

All right, so in summary, in order to create a local DNS server so that you can just type in the name of the local server instead of the IP number, we need to create a new LXC and then download the dnsmasq server software. Then we need to set up the dnsmasq server to perform DHCP and DNS. Then we're going to update the router to turn off DHCP, and then we can reboot any existing clients so that they can see DNS in action. Any new machines that join the network should not have to do anything, the DHCP should take care of all of the DNS issues. For more networking videos, watch these videos here, leave a comment below, and make sure you click on the Blue Monkey to subscribe. Thanks for your time and happy hunting.
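An added example, not from the video: a shell check that applies the same comment and blank-line filter as the grep in the transcript, then reports which of the dnsmasq settings walked through above are missing from a config file. The function names and the sample file are constructed for illustration; the sample uses the values spoken in the transcript, and the `local=/.../` and single-line `dhcp-range` spellings are assumptions about how they were typed.

```shell
# Added example: audit a dnsmasq config for the settings named in the video.

# Print only the active lines (no comments, no blank lines), same filter as
#   grep -v -e "^#" -e "^$" /etc/dnsmasq.conf
active_lines() {
    grep -v -e '^#' -e '^$' "$1"
}

# Print the expected settings that are absent from config file $1.
# Exit status 0 when nothing is missing, 1 otherwise.
missing_settings() {
    conf=$1
    missing=""
    for key in domain-needed bogus-priv no-resolv expand-hosts dhcp-authoritative; do
        active_lines "$conf" | grep -q -x "$key" || missing="$missing $key"
    done
    for key in server local domain dhcp-range; do
        active_lines "$conf" | grep -q "^$key=" || missing="$missing $key"
    done
    # DHCP options handed to clients: default gateway and DNS server.
    for opt in router dns-server; do
        active_lines "$conf" | grep -q "^dhcp-option=option:$opt," \
            || missing="$missing dhcp-option:$opt"
    done
    echo "$missing" | sed 's/^ //'
    [ -z "$missing" ]
}

# Constructed sample; dhcp-authoritative is left commented out on purpose.
sample_conf() {
    cat <<'EOF'
# Configuration file for dnsmasq.

domain-needed
bogus-priv
no-resolv
server=8.8.8.8
local=/bluemonkeyforensics.local/
expand-hosts
domain=bluemonkeyforensics.local
dhcp-range=192.168.1.200,192.168.1.250,255.255.255.0,12h
dhcp-option=option:router,192.168.1.1
dhcp-option=option:dns-server,192.168.1.207
#dhcp-authoritative
EOF
}

# Run against a real file when a path is given, e.g. /etc/dnsmasq.conf
if [ -n "${1:-}" ]; then missing_settings "$1"; fi
```

On the constructed sample this reports dhcp-authoritative as missing, because a line that is still commented out is filtered away before the check.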
Info
Channel: BlueMonkey 4n6
Views: 1,035
Keywords: Digital Forensics, Incident Response, sysAdmin, network Forensics, cybersecurity, infosec, DFIR, tutorial, bare metal server, hypervisor, MacBook Pro, homeserver, proxmox, virtualization server, homelab, Ubuntu Server, networking, VM, Virtual Machine, LXC, Linux Container, DHCP, DNS, Domain Name Service, dnsmasq, kea, /etc/hosts, /etc/resolv.conf, lsof, grep -i listen, netstat -4nltp, net-tools, systemd-resolved, systemctl, /etc/dnsmasq.conf, resolvectl, dns server configuration in linux
Id: 2KYeUCorJ-M
Length: 17min 59sec (1079 seconds)
Published: Tue Jan 02 2024