Use OneDNS to perfectly solve office network optimization problems
2022-07-07 17:40:00 【Lin [email protected]】
Preface
In an enterprise office, do you often run into the following problems?
- Unexplained applications get installed on your computer, slowing it down and hurting office efficiency;
- Advertising pop-ups appear on the desktop from time to time, which is annoying;
- Some people keep opening websites the company forbids during working hours, such as web games and gambling sites;
- The company server keeps restarting for no apparent reason in the middle of the night, and malicious mining is suspected, but the specific infected file cannot be found...
These are common problems, probably caused by DNS hijacking or a CSRF attack.
DNS hijacking
DNS hijacking is domain name hijacking: an attack in which the IP address a domain name originally resolves to is replaced, so that users reach the wrong website or cannot access the website normally.
CSRF attack
CSRF, short for cross-site request forgery, is an attack that coerces a user into performing unintended operations on a web application they are currently logged in to.
Example:
- The user logs in to the bank and does not log out, so the browser holds the user's authentication information for the bank.
- The attacker forges a transfer request and embeds it in a post.
- While still logged in to the bank website, the user browses the post.
- The forged transfer request is sent to the bank website together with the authentication information.
- The bank website sees the authentication information, treats the request as a legitimate operation by the user, and the user ends up losing funds.
How do you resolve DNS hijacking and avoid CSRF attacks?
Method 1
Resolve DNS hijacking:
Access the website directly by IP address to avoid DNS hijacking.
Because domain name hijacking can only be carried out within a specific network, some advanced users can point their DNS at a normal domain name server to reach the target address normally, for example by fixing the computer's preferred DNS server address to 8.8.8.8.
Avoid CSRF attacks:
- Check the Referer field: the Referer field in the HTTP header records the source address of the HTTP request. In general, requests to access a security-restricted page come from the same website, and an attacker who wants to carry out a CSRF attack can only construct the request on their own website. Therefore, CSRF attacks can be defended against by verifying the Referer value.
- Add a validation token: add a randomly generated token as a parameter in the HTTP request, and build an interceptor on the server side to verify it. If the request carries no token, or the token content is incorrect, treat it as a possible CSRF attack and reject the request.
- Multiple checks for sensitive operations: for some sensitive operations, in addition to verifying the user's authentication information, you can add further verification such as email confirmation or a verification code.
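One way to implement the Referer check and the validation token described above, as an added example that is not code from the original article. The host `bank.example`, the `csrf_token` form field, the token layout, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional
from urllib.parse import urlsplit

SERVER_KEY = secrets.token_bytes(32)  # assumed server-side secret, never sent out
TRUSTED_HOST = "bank.example"         # hypothetical host of the protected site


def _mac(session_id: str, nonce: str) -> bytes:
    # The nonce has a fixed length, so nonce + session_id is unambiguous.
    msg = (nonce + session_id).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest().encode()


def issue_token(session_id: str) -> str:
    """Randomly generated token, bound to one session by an HMAC."""
    nonce = secrets.token_hex(16)  # 32 hex characters
    return nonce + "." + _mac(session_id, nonce).decode()


def token_valid(session_id: str, token: Optional[str]) -> bool:
    """False for a missing, malformed, or other-session token."""
    if not token or token.count(".") != 1:
        return False
    nonce, sent = token.split(".")
    if len(nonce) != 32:
        return False
    return hmac.compare_digest(_mac(session_id, nonce), sent.encode())


def referer_valid(referer: Optional[str]) -> bool:
    """Compare the parsed host exactly instead of substring matching."""
    if not referer:
        return False
    parts = urlsplit(referer)
    return parts.scheme == "https" and parts.hostname == TRUSTED_HOST


def intercept(method: str, headers: dict, form: dict, session_id: str) -> int:
    """Server-side interceptor: returns the HTTP status for the request."""
    if method in ("GET", "HEAD", "OPTIONS"):
        return 200  # read-only methods; state changes must not use them
    if not referer_valid(headers.get("Referer")) or not token_valid(
            session_id, form.get("csrf_token")):
        return 403
    return 200
```

Because the token is tied to the session by the HMAC, a token issued to one session is rejected when replayed in another, and a request that omits the token or arrives without a matching Referer gets a 403.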
Method 2
Install OneDNS
OneDNS protection principle
OneDNS takes the requested domain name and checks it in real time against a cloud intelligence database. Secure domain names are resolved stably and efficiently, and the resolved IP is returned so the user can access the site. Domain names detected as malicious are not resolved: the request is intercepted directly and an interception page is returned, which provides the security protection.
OneDNS installation
Installation is easy: simply change the DNS address to the OneDNS IP address, and interception takes effect on access.
Copyright notice
This article was created by [Lin [email protected]]. Please include the original link when reposting. Thank you.
https://yzsam.com/2022/188/202207071534044468.html