Join Log in
Score:8
Payel Senapati avatar Ubuntu

No internet in Ubuntu 22.04, editing /etc/resolv.conf brings back internet, but is this method secure?

sa flag
Payel Senapati

In my Ubuntu 22.04 suddenly I have no internet. Although WiFi is connected. I came across this solution in a youtube video. I edited my resolv.conf file as follows:

#nameserver ::1
#nameserver 127.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4

And now I have internet. I want to know whether by following this method my system is secure or not?

Also why do I have to edit /etc/resolv.conf to bring back internet

The result of my ls -al /etc/resolv.conf is -

-rw-r--r-- 1 root root 975 May 23 16:27 /etc/resolv.conf
3923
4 + 6
Organic Marble avatar
us flag
Organic Marble
No one can know if your system is secure.
2
Reply
chili555 avatar
cn flag
chili555
Let's try to fix the underlying issue rather than band-aiding it. Please edit your question to add the result of the terminal command: `ls -al /etc/resolv.conf`
0
Reply
st flag
Jörg W Mittag
What do you mean by "secure"? The term "secure" doesn't make sense as an absolute term. Security is always relative to a *threat model*. So, you need to define your threat model: what are you protecting? How much is it worth to you to protect it? How much is it worth to your attacker? How long does it take to become worthless? *Who* is your attacker? Is it the neighbor's kid, an organized crime syndicate, Anonymous, a state-level actor (e.g. NSA)? What are the attack vectors you are considering? There is a big difference between someone willing to spend $10 to attack you vs. $100 million.
0
Reply
st flag
Jörg W Mittag
Your biggest concern is not how secure it is what you are doing, but the fact that you are fixing a problem without understanding why the problem occurred in the first place, which means you have no idea how deep the problem goes and you have no guarantee that it won't randomly re-appear at any moment. In other words, if your system were working, you shouldn't need to do this, so the big question is not how secure your fix is but why your system is broken.
6
Reply
Payel Senapati avatar
sa flag
Payel Senapati
@chili555 did it
0
Reply
terdon avatar
cn flag
terdon
@chili555 I have seen this on my Arch system too: NetworkManager (I think, not 100% sure) kept adding the line `::1` to the file, effectively borking my DNS resolution. It was eventually fixed by an update, but for a while there, I was running `sudo sed -i 's/::1/8.8.8.8/' /etc/resolv.conf` every time I restarted my machine.
0
Reply
Score:18
user10489 avatar Ubuntu
in flag
user10489

Editing resolv.conf wont give you internet access if you don't already have it, but this edit can fix a very specific problem.

This file controls hostname resolution using DNS. If your computer is configured to use a DNS server (or is configured via DHCP or something) and that server is broken, then this helps.

Specifically, the first two lines (which are commented out and disabled) use a local DNS server that is presumably configured to talk to an upstream DNS server.

The next two lines configure the system to instead use Google's DNS servers (8.8.8.8 and 8.8.4.4). It is a matter of opinion (out of scope here and not enough info even if it wasn't) if this makes your system less secure or more secure than whatever unknown default DNS servers your system would otherwise use.

Also note (as mentioned in the other more Ubuntu specific answer) that editing this file may disable automatic DNS network configuration and/or may be stepped on by automatic network configuration.

+ 0
Score:9
Rajesh Keladimath avatar Ubuntu
dz flag
Rajesh Keladimath

Editing the /etc/resolv.conf file to add DNS server information can be a temporary workaround to restore internet connectivity in certain situations.

However, it is not considered a secure or reliable long-term solution. Here's why:

Dynamic DNS Configuration: In modern Ubuntu versions, including Ubuntu 22.04, the /etc/resolv.conf file is dynamically generated by the system based on network configuration settings. Modifying this file manually may lead to conflicts or being overwritten by network manager services, DHCP (Dynamic Host Configuration Protocol), or other network management tools.

Network Manager: Ubuntu uses Network Manager as the default network management tool, which dynamically manages network connections, including DNS configuration. Network Manager handles DNS resolution by utilizing the DNS server settings obtained from DHCP or other network configuration sources. By manually editing /etc/resolv.conf, you may interfere with Network Manager's functionality and cause unexpected behavior.

Security Considerations: The /etc/resolv.conf file can contain sensitive information, such as DNS server addresses or search domains. By modifying it manually, you might introduce security risks or expose your system to potential attacks. Additionally, your changes might be lost or overwritten during system updates or network reconfigurations.

To ensure secure and reliable DNS configuration in Ubuntu, it is recommended to use the standard network configuration tools provided by the operating system. Here are some alternatives:

Network Manager Configuration: Use the Network Manager GUI or command-line tools (e.g., nmcli) to configure DNS settings. This allows Network Manager to manage DNS configuration properly and ensure consistency.

systemd-resolved: Ubuntu 22.04 and newer versions utilize systemd-resolved as the DNS resolver by default. You can configure DNS settings using the systemd-resolve command or by modifying the appropriate configuration files under /etc/systemd/resolved.conf.d/.

DHCP Configuration: If you are obtaining network configuration information from a DHCP server, ensure that the DHCP server is correctly configured to provide the appropriate DNS server addresses. This way, your system will automatically receive the correct DNS settings without manual intervention.

By relying on the standard network configuration tools, you can ensure that your DNS configuration remains consistent, secure, and compatible with system updates and network management services.

+ 4
Joseph Sible-Reinstate Monica avatar
kr flag
Joseph Sible-Reinstate Monica
I downvoted for "The /etc/resolv.conf file can contain sensitive information, such as DNS server addresses or search domains. By modifying it manually, you might introduce security risks or expose your system to potential attacks."
4
Reply
Peter Cordes avatar
fr flag
Peter Cordes
Pointing your resolv.conf at malicious DNS servers could be a problem for things that don't use SSL or equivalent to authenticate the host they connect to. But the existing information in it isn't "sensitive", it's not a secret, that's why the file is world-readable. External attackers that can intercept network traffic from your machine can also see what IP addresses you're sending DNS packets to. Other than that mis-use of the word "sensitive", this answer looks generally good, though.
1
Reply
user10489 avatar
in flag
user10489
resolve.conf contains sensitive information only in the sense that changing wrong it could cause problems. Putting bad dns servers there could cause huge security problems, but I think google's dns servers don't qualify for that. At worst, they may be a minor information leak. But their leakage could be less than the defaults. Or if the defaults are corporate dns servers with extra security protections, they could be weaker while not being an actual problem.
0
Reply
user10489 avatar
in flag
user10489
Also, manual configuration of a system (if done correctly) doesn't weaken its security and can be a good permanent stable solution. Using dynamic automatic configuration is less error prone and more robust in the face of a changing network, but is less stable. There are many very good reasons to configure statically by hand or leave it dynamic; each can be appropriate in the right situation, I won't say that either is more secure or better without more information.
1
Reply
Score:3
chili555 avatar Ubuntu
cn flag
chili555

The file /etc/resolv.conf is intended to be a symbolic link to /run/systemd/resolve/stub-resolv.conf Check:

ls -al /etc/resolv.conf

If it is not, correct it:

sudo rm /etc/resolv.conf
sudo ln -s /run/systemd/resolve/stub-resolv.conf  /etc/resolv.conf
+ 4
terdon avatar
cn flag
terdon
Intended by whom? Is this a Debian/Ubuntu thing or is there some more general standard you are referring to? I ask because on my Arch, not only is resolv.conf not a symlink, I don't even have a `/run/systemd/resolve/` directory.
0
Reply
chili555 avatar
cn flag
chili555
@terdon It is a symbolic link by default in all recent Ubuntu versions. The default resolv.conf file even says: "# Do not edit." As we've seen in many cases, including above, edits usually don't work well if at all.
0
Reply
terdon avatar
cn flag
terdon
Yes, but I always thought that was because NetworkManager was supposed to handle it. Anyway, sounds like this is a Debian and/or Ubuntu thing not a general systemd one. It does make sense to have it as a symlink, I hope others will follow.
0
Reply
user10489 avatar
in flag
user10489
It is intended to be a symlink by the several methods of dynamic configuration that ubuntu supports. Replacing the symlink with a file is an accepted method for disabling dynamic configuration of DNS.
0
Reply
Score:0
avatar Ubuntu
cn flag
Rodney

My /etc/resolv.conf starts off with:

# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.

Crucially, it also contains this:

nameserver 127.0.0.53

that is the address the systemd resolver is listening on.

As previously mentioned, you might need to fix the symlink. This issue may have been caused a dist-upgrade with a modified /etc/resolv.conf causing the update to this file to be skipped.

For a Desktop, typically, netplan also contains a stub configuration:

/etc/netplan/01-network-manager-all.yaml

# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager

With these two things in place, the correct DNS settings can be applied via the Network Manager.

Finally, if you are using DHCP, check that your DHCP server is actually serving up a working DNS. You can test this by overriding the DHCP server's DNS config by selecting IPv4->Method->Automatic (Address Only). That setting is for DHCP but with manual DNS. An simpler test would be - do other devices work correctly with this Wifi link?

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.