Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Open DNS typo on router


  • Please log in to reply
6 replies to this topic

#1 SuperSapien64

SuperSapien64

  • Members
  • 738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 03 September 2014 - 02:11 AM

Hi can someone please help clear up my concerns because I accidentally interned the wrong DNS address on my new router.

After entering this typo I almost immediately that my connection was unstable especially on Linux and yesterday evening when I logged back into my router the DNS settings were set to there defaults. But I was able to surf the web kinda in Windows though it timed out often and certain webpages wouldn't even open, and now when ever I enter the correct DNS settings it disconnects from the internet.  

 

Here's what I entered

 

222.67.222.222
220.67.220.220

 

Instead of :blush:

 

208.67.222.222
208.67.220.220

 

I'm really feeling uneasy and stressed about this, any advice? :unsure: :blink:

 

 

 

Why does stuff like this happen whenever your in poor health or any other of life's trials and complications?


Edited by SuperSapien64, 03 September 2014 - 02:17 AM.


BC AdBot (Login to Remove)

 


m

#2 1PW

1PW

  • Members
  • 316 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North of the 38th parallel.
  • Local time:04:39 AM

Posted 03 September 2014 - 01:23 PM

Two things you might check:

 

1. In Windows, do your Network Properties have a DNS Server entry(s) that point(s) to your router (probably 192.168.1.1 or close) or do they point to the published OpenDNS IP addresses? Easy check: From an Elevated Command Prompt: ipconfig /all

 

2. After you corrected the DNS router entries, did you have the router do a cold reboot?

 

I believe you shouldn't overly stress yourself over this if you didn't make any financial transactions. But new passwords could be needed.


All viruses are malware but not all malware are viruses and if the malware doesn't self replicate it just isn't a virus.


#3 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 PM

Posted 03 September 2014 - 02:03 PM

I just tried to use these 2 servers (e.g. the wrong IP addresses you mentioned) and they do not appear to be DNS servers.

By this I mean that I used nslookup and gave these 2 IP addresses up as server, then did a query for google.com. I received no answers.

 

So since these do not appear to be DNS servers, you don't have to worry.

 

This would explain the time-outs you noticed, but the fact that you got connections means that you would have a third DNS server in your list (a real DNS server). Can you confirm this?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#4 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 04 September 2014 - 11:46 PM

Two things you might check:

 

1. In Windows, do your Network Properties have a DNS Server entry(s) that point(s) to your router (probably 192.168.1.1 or close) or do they point to the published OpenDNS IP addresses? Easy check: From an Elevated Command Prompt: ipconfig /all

 

2. After you corrected the DNS router entries, did you have the router do a cold reboot?

 

I believe you shouldn't overly stress yourself over this if you didn't make any financial transactions. But new passwords could be needed.

 

What about updates or any files downloaded should these be in question?

Yes I reset my router and I'll re-inter the correct Open DNS settings, I switched back to my old router for the time being.

 

I just tried to use these 2 servers (e.g. the wrong IP addresses you mentioned) and they do not appear to be DNS servers.

By this I mean that I used nslookup and gave these 2 IP addresses up as server, then did a query for google.com. I received no answers.

 

So since these do not appear to be DNS servers, you don't have to worry.

 

This would explain the time-outs you noticed, but the fact that you got connections means that you would have a third DNS server in your list (a real DNS server). Can you confirm this?

 

Around the time I made this post I did some research olooking for DNS scanning services most didn't prove helpful even VirusTotal didn't give much answers then I just found that Metascan Oline now offers a domain scanner which includes DNS info and it help reveal the country of origin for booth servers and some basic details about them, then I remembered that Domaintools specializes in DNS identification so after checking there I cross referenced with Web of Trust and it appears one is a spam website and the other is a university.  

 

 

Off topic: I really hate insomnia it messes with your conjunctive skills.

 

 

 

OS Windows 7 64bit with latest updates and Kubuntu with updates.

Windows: security Avast free, SBIE, MBAM Preumim, Comodo Firewall free and Zemana antikeylogger free.



#5 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 07 September 2014 - 02:37 PM



This would explain the time-outs you noticed, but the fact that you got connections means that you would have a third DNS server in your list (a real DNS server). Can you confirm this?

 

Well I did notice the DNS settings on my (new) router always reset to obtain DNS from ISP but I not %100 sure what exactly you mean by a third DNS server unless your referring to the dynamic DNS option which I never enabled.


Edited by SuperSapien64, 07 September 2014 - 02:37 PM.


#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 PM

Posted 07 September 2014 - 04:31 PM

Sometimes you can specify more than 2 DNS servers for your DNS client to use. This seems not to be your case.

Then I have no explanation why your were eventually able to connect to websites.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 AM

Posted 07 September 2014 - 10:52 PM

Sometimes you can specify more than 2 DNS servers for your DNS client to use. This seems not to be your case.

Then I have no explanation why your were eventually able to connect to websites.

 

Well I just tried my new router again and it was able to connect to the internet just fine until I changed the DNS settings.

And I believe I now know the reason why it times out ever time I alter the DNS server settings on my Netgear (WNR model) recently made a partnership with Open DNS because of this I think it requires to log into your Netgear Live account and from with in you log into your Open DNS account. Perhaps this also explains why ever time I enterned the wrong DNS servers it would timeout then override and reset them to the default obtain from ISP DNS servers.

 

I never had any complications setting up Open DNS on my WNDR 3300, this new public DNS management feature certainly would make it a lot simpler to keep your IP address relative with your public DNS account I just wish Netgear would make it more clear on the box or manual.


Edited by SuperSapien64, 07 September 2014 - 11:09 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users