Circumventing DNS-level ISP blocks (ThePirateBay / The Pirate Bay – Belgium)

Today, two of Belgium’s biggest operators, Telenet and Belgacom, got a court order to block the website ThePirateBay.org, and about 20 alternative URL’s to the same site. The court ordered them to do a DNS-level block of the domain names, which is easy to circumvent. I’m writing this post because I’m against censorship on the internet (this sets a dangerous precedent), not because I’m in favor of copyright infringement or other illegal activities.

Update: In august 2013, Belgian ISP’s silently (!) extended the block to more torrent sites: KickassTorrents, h33t, Bitsnoop, etc … Simply changing DNS servers as described in this post is still the easiest way to fix this.

What is DNS?

DNS stands for Domain Name System (wikipedia). It’s a system that translates human-readable website addresses into numerical identifiers which can be used by your computer. For example, “http://www.google.be” points to “74.125.79.104”. Which of those two is easier to remember for you? :)

When your system wants to translate a website-adress into a numerical identifier, it contacts a DNS Server, which is basicly just a big table with all the translations in it. This is usually provided by your ISP, and will be the default one if you haven’t made any changes to your internet settings. For Telenet, these DNS servers look like: 195.130.X.X, for Belgacom, they are situated in the 195.238.X.X range.

What the recent court ruling forces the Belgian ISP’s to do (at risk of a hefty fine), is to simply stop answering to any requests for certain domains (e.g. ThePiratebay). This crude drawing demonstrates it. They may stop answering, or redirect the user to a page which explains why the site cannot be reached anymore.

How do I know whether or not the access is blocked?

As of today, Belgacom and Telenet serve this page when trying to access http://www.thepiratebay.org:

Choosing a different DNS Server

So that’s it then? Wrong! As an internet user, you are free to pick a different DNS server. In Layman’s terms: you are free to choose who translates your human-readable URL’s into numerical identifiers! There are tons of alternative DNS servers available, and during the last years, more and more people have started using them, for various reasons:

  • To circumvent censorship (our case, but also in countries with restrictive information policies like like China, Korea …)
  • Better security (some DNS servers are quicker in blocking URL’s which contain malware)
  • Faster response times
There are tons of options available. The most popular ones are OpenDNS and the Google DNS. For a full list, check this website. Which one is best for you depends on your geographical location, but you probably can’t go wrong in picking any of the two mentioned. Both services have servers all over the world and will most likely respond as fast (or even faster) as your ISP’s DNS. If you’re very serious about picking the absolute fastest one for you, you can use a tool like Namebench to find out which DNS server is fastest, but again, using any of the big boys will probably be the best choice.

Configuring your system/network to use a different DNS Server

The good news is that configuring your system to use a different DNS server is not hard at all. If you don’t like it, you can easily revert the procedure. Don’t be afraid because of the semi-technical mumbo-jumbo above, it’s a lot easier than it sounds :) All you need is the IP address for the new DNS service. Most services offer a primary and a secondary address (which is used if the first address cannot be reached). For the two main alternatives, these are:

  • GoogleDNS: 
    • 8.8.8.8 and 8.8.4.4 for IPV4
    • 2001:4860:4860::8888 and/or 2001:4860:4860::8844 for IPV6
  • OpenDNS: 208.67.222.222 and 208.67.220.220
You can configure an alternative DNS server on a per-computer basis, or for your whole network. The first one is the quickest, probably easiest solution, the last one has the huge advantage that all devices on your network will use the new DNS automatically, without the need to configure them all.
  • Per-computer-basis: I happily refer to the excellent documentation on the Google website. They have guides for every flavor of Windows, Mac or Linux.
  • Network basis: Check your network router’s manual. Usually, you can browse to a local address like 192.168.1.1 or 192.168.2.1, log in using admin username and password, and then configure the DNS settings. Again, the OpenDNS website has an excellent guide for every modern router.

Am I breaking the law now? Will this damage my system?

Don’t worry, this is perfectly safe and easily reversible.

As for the legality: I’m not a lawyer, but as far as I know (and do correct me on this in the comments if I’m wrong), there’s nothing illegal about using an alternative DNS server. You get to decide which service you prefer.

What if they block more in the future / this method doesn’t work ?

The method in this article can still be used to be able to access the bay from the old URL and prevent further blocks – switching your DNS away from your default provider is something worth trying. It won’t always work, but is a working solution for most of the countries that block the bay.

Proxies

Even if SABAM would persist and ask an IP-based block of TPB (thus rendering the method describe in this article obsolete) there are thousands of other proxy sites. Check out https://piratereverse.info/ for example, and find tips on how to set up your own proxy (which -as far as I know – is legal) An up to date list can always be found at : http://proxybay.info/

VPN

By using a VPN, your internet exit point can be chosen in a different country – like a country which is less restrictive on which sites its citizens can view. You know, a country without censorship. Read alla bout VPN’s at Lifehacker. There are free VPN’s, but for the better ones, a small payment is required. I personally use Witopia, which provides access points in countries all over the world, and costs me about 50 dollars on a yearly basis. Using a VPN has a lot of added benefits: it allows you to watch region-restricted content (Hulu, BBC iPlayer, …), and keeps you safer on untrusted networks.

TOR

TOR (The Onion Router, not related to torrents) protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world. Using it is as easy as downloading the Tor Browser bundle from this website, unzipping it, and voila. You can even donate some of your bandwidth to the TOR network and help out.

Anything else I can do?

Demand a free and open internet, before it’s too late. Be vocal about it. Write to your ISP (Telenet contact and Belgacom contact) and your politicians. Support the EFF and/or your local Pirate Party (for Belgium: http://pirateparty.be/)

Sources: TorrentfreakTweakers.net

Leave a Reply