DNSKong Version 1.0.6p (Personal Edition)
Copyright 2000, Pyrenean
<mailto:Pyrenean@Earthlink.net>
Dnskng106.exe distribution

DNSKong is free for individual users for personal non-commercial use.
Commercial, Government and Educational users contact Pyrenean for license details.


For the latest information on DNSKong visit <http://www.pyrenean.com>.


Special Thanks to:
Rick - For an eagle eye for flaws and nice trees.
Bob  - For testing, rewriting this document
Bob's reading assistant - For reading this anyway.
Charlie - For Testing and comments to improve documentation
Bruce - For testing and distribution of DNSKong and for sharing his TShirt.
Stuart - For distributing eDexter and DNSKong and the great icons that I will eventually use. 


Changes in this version:

This version of DNSKong functions closer to the DNS standard.  This effectively repairs a condition that could result in an "Page Not Found" message in a web browser.

Changed the default start-up display in tray functionality.  This version will honor the Hide On Start setting and will start DNSKong in the visible mode if Hide On Start has not been selected.  If Hide on Start has been selected the application will be started in invisible mode.  For new users of DNSKong the application will start visibly.

This distribution does not contain the files Named.txt or Pass.txt.  You will need to create or acquire these files prior to using DNSKong. This change was made in order to prevent future releases of DNSKong wiping out these files during installation.

This version now offers the ability to select the folder where Named.txt and Pass.txt are stored.  This can allow you to place these files anywhere on your computer and can prevent these files from being accidentally deleted when uninstalling an old version of DNSKong in order to install a newer version of the program.  This will also allow these files to be placed on a network drive provided you have access to a network drive.  You may use this feature to effectively share a single Named.txt or Pass.txt with networked machines.  

This version introduces DNS proxy capabilties to DNSKong.  Again, this is a bit closer to "standard" DNS functionality where a DNS server may be configured to pass requests along to other servers.  Some operating systems are extremely limited in the number of DNS entries in standard networking.  Using this feature will allow any DNSKong user to "extend" their DNS universe by an additional 5 servers.  This feature also is used when chaining DNSKong personal edition applications to DNSKong Enterprise servers.  In this manner, businesses, schools and parents can maintain one set of filters on a remote server so that the filters are "invisible" to individual workstations.


Operation:
Start DNSKong. You may retain the .txt files in the same folder as DNSKong.exe. This version of DNSKong allows placing the .txt files in alternate locations.  Your system must also be configured to use 127.0.0.1 as the first Domain Server. The file tcpipreg.reg contains the registry entries needed.  However, manual configuration is the best method to use. Windows 2000 requires different settings so do not use tcpipreg.reg on Windows 2000.

You may use either a system tray interface or a start menu interface (preferred) to DNSKong. Using the start menu interface saves a little memory but does not include all Tray interface options at this time.  

Tray Icon Menu Selections:
About ...
Load Filters  		-	Reads Named.txt and Pass.txt
Start              	-	starts DNSKong and loads filters
Stop              	-	stops DNSKong
Hide               	-	Hides DNSKong's tray icon - manual mode
Hide on Start  		-	Automatically hides tray icon when starting (now Default)
IP Info...              -	Displays current IP information
Proxy DNS...		-	Displays proxy DNS configuration 
				(Using Proxied DNS requires Firewall configuration changes 
				allowing DNSKong access to the internet. No intenet access
				is needed if DNS proxy is not used.)
Modify Named.txt	-	Opens Named.txt in your default text editor.
Modify Pass.txt		-	Opens Pass.txt in your default text editor.
Select Filter Folder	-	Allows selecting the storage folder for the .txt files
Exit                	-	Exits DNSKong


Start Menu Selections:
Start Menu items use some of the following Command-line parameters:
/a			-	Displays about box.
/h			-	Toggles tray icon.
/l			-	Loads Filters.
/q                      -	Stops and exits.
/v                      -	Starts in visible mode. 
/n			-	Opens Named.txt for editing
/p			-	Opens Pass.txt for editing
/f			-	Selects Filter Folder

These parameters are only available at startup: 
/v                      -	Starts in visible mode. 


Other command-line parameters:
/s			-	Toggle Start/Stop (Not available in Start menu)


These parameters may be used when starting DNSKong: /a, /h, /l, /v, /s.

Start Menu Items:
DNSKong - Invisible Mode	-	Starts DNSKong but does not display the tray icon.
DNSKong - Visible Mode		-	Starts DNSKong and displays the tray icon.
Exit DNSKong			-	Stops and Exits DNSKong
Load Filters			-	Loads Named.txt and Pass.txt
Modify Named.txt		-	Opens Named.txt in editor. You must Load filters after
					changing Named.txt or Pass.txt.
Modify Pass.TXT			-	Opens Pass.txt in editor. You must Load filters after
					changing Named.txt or Pass.txt.
Toggle Tray			-	Hides or unhides DNSKong's tray icon

Usage Hints:
Starting DNSKong without command-line parameters will honor the last setting of Hide On Start.

You can copy the Start Menu shortcuts to several locations such as the Startup menu or the QuickLaunch Toolbar. I copy the Toggle Tray Icon to the QuickLaunch toolbar and the "DNSKong - Invisible Mode" to the Startup menu. Those wanting to see DNSKong at startup should copy the "DNSKong - Visible Mode" shortcut. 
I've not included a Start/Stop shortcut but one can copy one of the existing shortcuts and change the command-line parameter.

DNSKong is best used in conjunction with a Firewall and a personal web proxy server. You will notice many web sites respond differently if you use DNSKong with or without a proxy or a proxy server with or without DNSKong.

Modifications to this version (1.0.6p):

Documentation: Added a list of the command line parameters which was missing from the initial release. That ommision caused a considerable amount of frustration, for which I apologize.

Closer adherence to the DNS standard: This corrects an occasional "Unable to Load this page" message from Internet Explorer when using a dial-in connection.  

Optional proxy DNS capability:  This version of DNSKong allows you to use DNSKong as a proxy to 5 Domain Name Servers (DNS). If you use this option and ZoneAlarm, you will need to allow DNSKong access to the Internet. In this mode, DNSKong queries other DNS servers and if it gets a response it will send the response back to your computer.
DNSKong actually releases the domain name request to Windows when it passes a name or does not find the name in named.txt so your ISP's DNS may respond before DNSKong gets a chance to send its value to you. In this case, the first response to your computer will win.
You may not notice any performance improvement when you use this option. My machine only triggers the DNSKong proxy a small percentage of the time.
The idea is to let your ISP's servers do their work without trouncing on their toes. In the case of my ISPs, I've managed to connect successfully to the internet using only DNSKong as the DNS manager and without making any DNS entries in the dialup settings.  I would not suggest you actually do this. I added this new feature to the personal edition to extend the number of DNS servers available and to eventually develop a method to chain DNSKong servers together.

IP Info:  Displays the IP that DNSKong uses to resolve entries in Named.txt. In the personal edition this IP is fixed to 127.0.0.1. In the enterprise edition this can be any IP address. The personal edition also lists the available machine IP addresses. Machines with only one adapter should only see one entry in this list.


What is DNSKong:

DNSKong is a personal caching-only pseudoDNS server. Version 1.0.6 can act as a DNS proxy. DNSKong only serves the localhost. No machine from the outside world will be able to use your DNSKong.

It uses the file, Named.txt as rules for matching DNS queries to the local IP address, 127.0.0.1.  The rule heuristic for this version is first "complete-dotted-octet" match. For example, if Named.txt contained the line:
com
then all names containing a matching "com" in-between the Domain name's dots would resolve to  127.0.0.1. This would include www.anything.com, Com.org.net, but not ads.COMmonwealth.net.

Providing a more complete string filter will block fewer names. For example, "ads.pyrenean.com" would block "ads.pyrenean.com" and "my.ads.pyrenean.com" but not "www.pyrenean.com" nor just "pyrenean.com".

It uses the file Pass.txt as exceptions to the rules in Named.txt. The rule heuristic for this version is first "complete-dotted-octet" match.  For example, if Pass.txt contained the line:
pyrenean.com 
...then all names containing an "dotted-name" portion matching "pyrenean.com"  will pass DNSKong's named filter and would be resolved by your other Domain Name Servers for resolution. This would include www.pyrenean.com and ads.pyrenean.com.

Pass.txt is processed first then Named.txt. If a name is passed it will not be screened in Named.txt.
  
If you do not have a Named.txt file or the file is empty all names will pass DNSKong's filter.

If you do not have a Pass.txt or the file is empty DNSKong will make no exceptions to the Named.txt rules.


DNSKong.ini settings:
[Preferences]
HideOnStart=1       	//Toggle for hiding automatically. This will be phased out.
ResolveToLocal=1	//Always '1' in personal edition.  Edits ignored.
ResolveToIP=127.0.0.1	//always 127.0.0.1 in personal edition. Edits ignored.

[Proxy]
IP1=0.0.0.0		//IP address of a DNS to proxy
IP2=0.0.0.0		//IP address of a DNS to proxy
IP3=0.0.0.0		//IP address of a DNS to proxy
IP4=0.0.0.0		//IP address of a DNS to proxy
IP5=0.0.0.0		//IP address of a DNS to proxy
UseCode=00000		//Positional encoded use field.   	
			//0 = no proxy, 1 = use for not in Named.txt, 2 = use for in Pass.txt, 3= both


Notes:
1.  We don't care what you filter. This distribution does not include a Named.txt nor a Pass.txt.  You will need to create these in Notepad or download these from a DNSKong user support site.

As a test entry you can add the keystring:

www.pyrenean.com

to your Named.txt.  This keystring will only filter the pyrenean web site. We hope you will remove that entry, but you can filter anything and everything you want.   Each entry must be on a separate line.   Although comments and blank lines in Named.txt will improve overall readability future versions of DNSKong may dynamically resequence these files for improved performance.

Inclusive set of rules for different purposes may be gathered from domain names in publically available hosts files.  The rule file approach, Named.txt, is much smaller than a matching hosts file. The rule search resolves a domain name to 127.0.0.1 when it first finds a matching entry in Named.txt.

2.  The rules are predictive. Use minimal names for Named.txt and specify exactly the names you want to pass DNSKong. This is the exact opposite of the approach you would take with hosts.

3.  With DNSKong, you don't need hosts. You can use hosts with DNSKong. You machine checks Hosts first, then DNSKong, then your other Domain Name Servers.

4.  DNSKong is compatible with Web proxies or proxy servers. Your browser will route its request through your proxy server before your machine looks up an entry in Hosts or DNSKong. Your proxy configuration is processed first.  You need to use a personal web server to avoid missing pictures or web pages that your proxy or web browser expects from 127.0.0.1.

5.  DNSKong forces IE5.0+ to cache Domain names so once you've resolved a name the browser will not need to requery the DNS for some time.

5a. Performance is important and depends on many factors. Larger filters will decrease overall performance, as should a large Hosts file.

6.  If you decide to remove an entry from Named.txt after a displaying a web page you need to exit your browser prior to being able to see the matching web page. Internet Explorer uses the following registry entry to control the DNS cache timeout:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"DnsCacheTimeout"=dword:00000001

In the above entry, the 00000001 value attempts to set the cache to a 1 second timeout value.
A more reasonable entry might be 00000060 for a 1 minute time out.
Other browsers use other methods to set the DNS cache time out.

7.  You will experience minor browser differences using DNSKong rather than hosts. In general, DNSKong filters more than hosts. Hosts only filters specific names, DNSKong filters names that contain any match from the Named.txt file.

8.  DNSKong is only available to the local machine, so even without a firewall machines will not be able to access your DNSKong. Contact Pyrenean to get a server version of DNSKong that will allow a single machine to act as a DNSKong server. On personal machines, firewalls should be configured to allow local only access (behind the firewall) for DNSKong and block Internet access to DNSKong. 

9.  DNSKong nows offers DNS proxy support.  You can use this option to select 5 DNS servers that DNSKong will use to lookup domain names provided the names are not filtered.  If you do not use this option you will not need to allow DNSKong access to the internet under ZoneAlarm.  If you choose to use this option you will need to configure ZoneAlarm to allow DNSKong access to the Internet.  This feature can be used to proxy to a DNSKong Enterprise server and may not offer any performance improvement over your current network configuration.  If you use the feature you can determine that DNSKong has proxied a name request by the tray icon which will have the upper kong-block gray and the two lower kong blocks green when a name has been proxied.  Some machines need to have a priming operation prior to proxying DNS lookups through DNSKong.  The easiest way to prime the proxy is to use the command-line ping or tracert command to a known domain name.

10.  If using the proxy fill the entries from top to bottom.  This feature is included with this release in order to permit chaining DNSKong personal servers to DNSKong enterprise servers.  You may also use genuine DNS servers if you would like to the extend the number of available Domain Name Servers for your machine.

Configuration can be difficult. An excellent reference is "Controlling DNS Lookup Sequence" <http://www.pacificnet.net/~bbruce/forcedns.htm>.
The idea is to  set up your machine to use 127.0.0.1 as the first DNS Server.
On NT/9x and WinMe, use Network properties to examine TCP/IP protocol settings.
Add 127.0.0.1 as your first DNS entry.

Win2K requires more effort. The network Internet TCP/IP properties dialog does not like 127.0.0.1 as a DNS Server address. The advanced properties button can be used to add 127.0.0.1 as the first DNS on the list. You most likely will need to disable the DNS Client. You will need to reboot your machine after making the DNS entry and disabling the DNS Client service.  Your Win2K machine may act differently. This procedure has worked on the few Win2K machines that we have available for testing.

If you run a firewall continue to do so. You may be able to configure your firewall to block DNSKong access from the Internet. If you use ZoneAlarm, you may need to first pass the block when ZA asks for the first time about DNSKong. Then immediately open ZA's configuration and disallow access.

Some users may need to add 127.0.0.1 as a machine on the local net for ZA. Use the security tab and look in the Advanced features button to add this address. The IP 127.0.0.1 is a Universal IP reserved for the local machine.  




Pyrenean