Blog

Using custom DNS servers from the iPhone and over Internet Tethering

For those of us the roam around on network connections, OpenDNS and Google Public DNS provide public DNS servers which offer better security than using arbitrary DNS that’s assigned to us when we connect to a network. This means that rather than trusting the assigned DNS server — which could be a malicious third party that’s attempting a man-in-the-middle attack — we always use a trusted server.

In OS X, normally, one can specify custom DNS servers in Network Preferences, but when using Internet Tethering with the iPhone, no options are available.

It’s possible to set DNS configuration on the command line, though, as mentioned in this MacOSXHints article.

This technique can be used within a shell script to make things easier.

As it happens, if you have a jailbroken iPhone, the trick works there too — just ssh in as root, copy the script over, and run it from the iPhone.

The one caveat is that the DHCP client both on the iPhone and on Mac OS X will routinely reset the servers — I haven’t found a way to combat this yet, other than routinely re-running the script.

We have been using mobile broadband from my iPhone while we’ve been travelling; our current provider seems to go offline almost every evening — a quirk which I’ve just discovered is related to their faulty DNS server.

Using Google’s public DNS servers instead fixes this problem, so I was after a way to configure both the iPhone and OS X to use the servers.

, , . Bookmark the permalink. Both comments and trackbacks are currently closed.

3 Comments

  1. Francisco
    Posted March 28, 2010 at 8:16 pm | Permalink

    I try to follow the instructions but terminal says: “mobile is not in the sudoers file. Thiis incident will be reported”..

    Do you know how to fix this? I was in the first step of this:

    sudo scutil

    open d.init d.add ServerAddresses * 8.8.8.8 8.8.4.4 set State:/Network/Service/PRIMARY_SERVICE_ID/DNS quit

    • Posted March 28, 2010 at 8:48 pm | Permalink

      You’ll either want to add ‘mobile’ to the sudoers file using visudo (google is your friend), or do it as root.

  2. Nick
    Posted August 25, 2010 at 7:52 am | Permalink

    Thanks this is kickass