A DNS server to collect domains to Columbus Server.
The goal of columbus-dns is to make it easy/possible for users to easily contribute to the Columbus Project.
By setting the DNS servers to columbus-dns while enumerationg subdomains, hunting bugs, etc you can contribute to the Columbus Project.
_________________
|---> dig exmaple.com A ---->| COLUMBUS-DNS | -----> Insert -----> columbus.elmasy.com
| -----------------
^ |
| V
Alice <------- 93.184.216.34 <---------
- Only domains with valid answer will be sent to the server (
NOERROR)
THIS SERVER IS NOT MEANT TO USED AS A DAILY DNS RESOLVER!
The most secure way to run columbus-dns is to run as a non root user on a non-privileged port (eg.: 1053) and redirect traffic deisgnated to port 53.
nftables example:
table inet filter {
chain inbound_ipv4 {
...
tcp dport 1053 accept
udp dport 1053 accept
}
chain inbound_ipv6 {
...
}
chain input {
type filter hook input priority filter; policy drop;
ct state { established, related } accept
iifname "lo" accept
meta protocol vmap { ip : jump inbound_ipv4, ip6 : jump inbound_ipv6 }
tcp dport 22 accept
reject
}
...
}
table ip nat {
chain prerouting {
type nat hook prerouting priority filter; policy accept;
udp dport 53 redirect to :1053
tcp dport 53 redirect to :1053
}
chain postrouting {
type nat hook postrouting priority filter; policy accept;
}
}
The checksum file is signed with key 10BC80B36072944B5678AF395D00FD9E9F2A3725.
gpg --receive-key 10BC80B36072944B5678AF395D00FD9E9F2A3725- Create the user:
adduser --no-create-home --disabled-login "columbus-dns"- Install (and edit if needed)
columbus-dns.service:
wget -q -O "columbus-dns.service" "https://raw.githubusercontent.com/elmasy-com/columbus-dns/main/columbus-dns.service"mv columbus-dns.service /etc/systemd/system/- Install and edit
columbus-dns.conf
mkdir /etc/columbuswget -q -O "columbus-dns.conf" "https://raw.githubusercontent.com/elmasy-com/columbus-dns/main/columbus-dns.conf"sudo mv columbus-dns.conf /etc/columbus/dns.confchown columbus-dns:columbus-dns /etc/columbus/dns.confsudo chmod 0640 /etc/columbus/dns.confnano /etc/columbus/dns.conf- Install the binary:
For Linux/AMD64:
wget -q 'https://github.com/elmasy-com/columbus-dns/releases/latest/download/columbus-dns-linux-amd64' -O columbus-dns-linux-amd64 && \
wget -q 'https://github.com/elmasy-com/columbus-dns/releases/latest/download/checksums' -O checksums && \
gpg --verify checksums && sha512sum --ignore-missing -c checksums && rm checksums && \
sudo install columbus-dns-linux-amd64 /usr/bin/columbus-dns- Start the service
sudo systemctl daemon-reloadsudo systemctl enable --now columbus-dns.service