RELEASE 90DNS: DNS server for blocking all Nintendo Servers

Discussion in 'Switch - Emulation, Homebrew & Software Projects' started by AveSatanas, Aug 27, 2018.

Loading...
  1. StormSilver

    StormSilver GBAtemp Regular

    Member
    2
    Sep 20, 2018
    United States
    I read up on it and it seems like good ban protection even against hard coded IPs, unlike just protecting against name resolution. I'll use both that and 90DNS!
     
  2. AveSatanas
    OP

    AveSatanas GBAtemp Regular

    Member
    6
    Aug 7, 2018
    United States
    Connection test failing is a sign that 90dns is working as it hits up dauth IIRC.

    ---

    Honestly, I'm happy that blawar brought prodinfo mods to the table again, but I've some worries as I've been told that prodinfo is cached in system savefiles, and I'm personally worried about the telemetry your console uploads which may still have your account, ticket etc data which can be used to ban your console or account.

    Right now it might prevent my own concerns as it does break your client cert, but N could always just allow any client cert to connect (on telemetry endpoints) and send telemetry and ban people. This is a much bigger risk than a fw update happening and adding hardcoded IPs because it actually can be done by N on serverside at any time.

    IMO the proper way to use incognito would be to run it, then do a factory reset, but this isn't what you're told on its README or thread, so I'm worried for people thinking that they can run it once and be safe forever.

    Also doing a factory reset isn't really favorable to all, as you lose all of your games, and as your prodinfo is gone, you can't re-download them from eshop, meaning that you'll need to stick to cart games, backups or "backups". With cart games you're missing out on a lot of eshop only titles, and with backups/"backups", you are required to use ES patches, and this will not only exclude you from support on various big communities, but also force you to wait before updating as the patches take time to be updated.

    But all in all, I think that incognito could be improved and de-snarked, and perhaps then I will appreciate and recommend it more.
     
    Last edited by AveSatanas, Feb 26, 2019
    sj33, hippy dave and StormSilver like this.
  3. blawar

    blawar GBAtemp Maniac

    Member
    11
    Nov 21, 2016
    United States
    incognito kills the ssl cert, so no data is ever sent to nintendo’s servers. the connection isn’t even attempted.

    there is some ssl data cached in the system save file, but it does not appear to be important, and again all of the ssl connections fail.

    there is more work to be done, to make it better, however it works well on 7.x as is.
     
  4. dexter90

    dexter90 Member

    Newcomer
    2
    Nov 20, 2016
    Italy
    Hello everyone, I wanted to ask a very simple question. 90dns should not block nintendo servers? I use 90dns on all the wireless networks stored, today it tells me that an update is ready for the console. Why? Did something happen or 90dns only blocks some nintendo servers? How come today tells me that there is an update? I do not really care about the ban at the end ... I try to avoid it, but having the switch mod I know if it happens, peace and good. :) I know that refers to version 7.0 or above, but I wanted to understand how he managed to pass
     
  5. StormSilver

    StormSilver GBAtemp Regular

    Member
    2
    Sep 20, 2018
    United States
    ....

    According to people here, it's your ISPs fault? I'm not sure. I'm using 90dns + incognito and no update prompts so far
     
  6. dexter90

    dexter90 Member

    Newcomer
    2
    Nov 20, 2016
    Italy
    i use many wireless network with many isp. but in the last month i only use my home newtwork... but if 90dns block the request to nintendo server, how did you upgrade? how could my isp fail if there are no requests to their dns but at 90dns? it's not a criticism, but I'm curious to understand why.

    — Posts automatically merged - Please don't double post! —

    sorry for the double post...
    I do not remember if the switch has the ability to connect automatically to open wireless networks ... unfortunately I happen to find a little and maybe it is precisely there the problem. In my home i have a router Fastweb and all traffic all redirect to my physical firewall sophos. I can create a vlan for one wirelle network for switch, but when i go outside? for this reason i use 90dns. ok... I think my switch has a different problem ... with active airplane mode, the wifi works the same perfectly ... has it already happened?
    in the settings airplane mode, the wifi, nfc and bt are off...

    [​IMG]
     
    Last edited by dexter90, Feb 26, 2019
  7. AveSatanas
    OP

    AveSatanas GBAtemp Regular

    Member
    6
    Aug 7, 2018
    United States
    Honestly, I've no idea why this happens, but it doesn't necessarily mean that you're not correctly connected (fyi, I've talked with people who got firmware update but were correctly connected, and they weren't banned when they restored to a clean nand), try running tester.

    I've tried on many different OFW versions, many regions, reinstalled HOS etc etc, and it doesn't happen for me, or for many others. I can't repro it, I can't fix it.

    I think only thing I haven't tried (or asked people about) is testing with anything but stock and Atmosphere, so... Are you using a CFW? If so, which one?

    Also: If anyone's who's having this issue that is also willing to help me out by setting up a proxy server (charles/fiddler), installing SSL patches and listening to network queries, lmk.
     
    Last edited by AveSatanas, Feb 26, 2019
  8. dexter90

    dexter90 Member

    Newcomer
    2
    Nov 20, 2016
    Italy
    Thk for the reply. Personally as I said it does not create problems .. I'm not fixed with ban or similar things. In theory I should not be banned or banned, but I do not understand how it goes to pass the same. Probably the switch connects to open wifi networks. Confirm? I'm asking you this because maybe I'm creating a problem that does not exist. The only problem is that it works with wifi mode, but this does not hit anything with 90dns .. I use Kosmos CFW. If you need a beta tester, when i can i help you to test. Sorry for me bad english
     
    Last edited by dexter90, Feb 26, 2019
  9. isrmicha

    isrmicha Member

    Newcomer
    1
    Jan 29, 2017
    Brazil
    Works on 7.0.0 ?
     
  10. linuxares

    linuxares I'm not a generous god!

    Moderator
    17
    Aug 5, 2007
    Sweden
    Yes, 90dns works on any firmware.
     
  11. n0v317y

    n0v317y Advanced Member

    Newcomer
    4
    Jul 23, 2018
    Ukraine
    Is it confirmed blocking all the N's servers on 7.0.0 and 7.0 1?

    in op it's not mentioned.
     
  12. Nastas95

    Nastas95 GBAtemp Regular

    Member
    5
    May 13, 2018
    Italy
    Well, I'm Italian.
    90DNS is System indipendent. It works on Windows too
     
  13. Dragonx41

    Dragonx41 GBAtemp Regular

    Member
    3
    Jun 9, 2018
    United Kingdom
    I run it on 7.0.1 but I ran the Python script first to confirm on my PC to make sure it blocks Ninty servers.
     
  14. NoNAND

    NoNAND GBAtemp Advanced Maniac

    Member
    12
    Aug 22, 2015
    Albania
    The other plane of existence
    i think the dns is not functioning as it should. my switch is nagging me to install the 7.0 update even that i still have 90dns set up. how did it download the update i wonder.
     
  15. Picalo

    Picalo Advanced Member

    Newcomer
    2
    Feb 18, 2019
    United States
    Is there away to block the update like the ps4 by putting a fake update file in the update folder in order to block nint from telling the system to download the file?
     
  16. klondike_bars

    klondike_bars Newbie

    Newcomer
    1
    Oct 20, 2018
    United States
    How do I work around my "Network Name" being over 15 characters?

    **EDIT**

    Figured it out.
     
    Last edited by klondike_bars, Mar 13, 2019
  17. jme2712

    jme2712 Member

    Newcomer
    2
    Feb 17, 2009
    United States
    Cheers
     
    Last edited by jme2712, Mar 18, 2019
  18. developer_su

    developer_su Advanced Member

    Newcomer
    3
    Feb 18, 2019
    Russia
    Thanks a lot! OpenWRT settings are very useful and saved a lot of time! Also NGINX configuration helped!
    Just deployed docker container and viola! (Thinking about moving this to inetd@oWRT to simplify.. but not deep enough in it and not sure yet). Also, I guess, paranoiacs may restrict any packets that out-coming to WAN.. I did it for ICMP:D/UDP/TCP and a bit worry that Nintendo uses some protocol I missed..
    Anyway, you're doing awesome things ( ^-^)_\m/
     
  19. aos10

    aos10 ❤ Zelda ❤\(^o^)/

    Member
    11
    Apr 10, 2012
    Saudi Arabia
    Is there easier way to use this? Like how stealth mode works on sxos?
     
  20. OrGoN3

    OrGoN3 GBAtemp Addict

    Member
    8
    Apr 23, 2007
    United States
    That sounds pretty easy to me...
     
    aos10 likes this.
Quick Reply
Draft saved Draft deleted
Loading...