Author Topic: how change of dns, nullifies the vulnerability  (Read 49369 times)

0 Members and 1 Guest are viewing this topic.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #25 on: May 26, 2017, 11:10:38 pm »
Hi, i am enclosing the result of the tracert command on the router dns, which is set to auto. There are two server ips, i have given two times the command . pl say. Moreover, i have to use ipconfig /fllushdns to get the internet access . otherwise, am getting , modem is experiencing connectivity issues error. once flushdns, ip release, ipconfig renew, i am getting . how can i avoid this manual flushing of dns always. please.
          Also say, what does not liked by avast. From the whole log, why they pick up only two sites? pl educate me.
what is called hijacked domain. i do not have any domain setting. i asked you how to find and remove pl
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\intel>tracert 218.248.255.147

Tracing route to 218.248.255.147 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2    27 ms    26 ms    27 ms  117.194.136.1
  3    28 ms    27 ms    27 ms  static.ill.218.248.61.134/24.bsnl.in [218.248.61
.134]
  4    28 ms    27 ms    29 ms  218.248.255.150
  5    27 ms    28 ms    28 ms  218.248.255.147

Trace complete.

C:\Users\intel>tracert 218.248.255.147

Tracing route to 218.248.255.147 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2    25 ms    26 ms    26 ms  117.194.136.1
  3    28 ms    27 ms    28 ms  static.ill.218.248.61.134/24.bsnl.in [218.248.61
.134]
  4    27 ms    28 ms    28 ms  218.248.255.150
  5    27 ms    28 ms    27 ms  218.248.255.147

Trace complete.

C:\Users\intel>tracert 218.248.245.12

Tracing route to 218.248.245.12 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2    27 ms    26 ms    27 ms  117.194.136.1
  3    28 ms    28 ms    28 ms  static.ill.218.248.61.122/24.bsnl.in [218.248.61
.122]
  4    48 ms    47 ms    48 ms  218.248.245.14
  5    48 ms    48 ms    48 ms  218.248.245.12

Trace complete.

C:\Users\intel>tracert 218.248.245.12

Tracing route to 218.248.245.12 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2    26 ms    27 ms    26 ms  117.194.136.1
  3    28 ms    28 ms    29 ms  static.ill.218.248.61.122/24.bsnl.in [218.248.61
.122]
  4    47 ms    47 ms    48 ms  218.248.245.14
  5    48 ms    48 ms    48 ms  218.248.245.12

Trace complete.

C:\Users\intel>
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #26 on: May 27, 2017, 12:53:12 am »
I can't find now where the Netalyzr report mentions the intermittent disconnect.

When you have the DNS Servers set to auto, Avast is picking up yandex etc. but not when you use either Google's or Open DNS Servers.

That's what I meant by Avast not being happy, but I'm not sure why that is happening.

With the router and your computer set to default do you still need to run those ipconfig cmds ?

It may not be so much the flushdns cmd but the release and renew IP address cmds.

These relate to the router's DHCP assigning an internal IP address to your Ethernet adapter.

It could also be Avast blocking your connection.

Can you run the computer in Safe Mode with Networking for a while to see if you still get the disconnects and if so, have a look in Event Viewer.

They could be listed as DHCP events.

You could also reinstall/update your Ethernet adapter driver.

The difference between your router MTU being set to 1492 and your computer default set to 1500 will be negligible.

Offline Samson

  • Hero Member
  • *****
  • Join Date: Nov 2011
  • Posts: 915
  • Location: London
  • Karma: 38
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #27 on: May 27, 2017, 04:41:01 am »
J, As this is a hardwired desktop PC, consider setting a static IP address for it on your LAN, avoids any DHCP issues  :wink:

Shane's tool, Simple Static IP v.1.3.0  makes it a breeze to do  :smiley:

http://www.pcwintech.com/simple-static-ip

And Tweaking.com - Change DNS Servers makes changing your DNS equally simple too  :smiley:

http://www.tweaking.com/content/page/tweaking_com_change_dns_servers.html
« Last Edit: May 27, 2017, 06:03:24 am by Samson »

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #28 on: May 27, 2017, 07:45:35 am »
Hi, Samson, i have power cuts and so , i think , my ip will be changing on every log on, as provided by the service provider. Do this tool, also changes dns server ip in router also.
                      Actually i do not have static ip for my pc. Will this tool change the dns in router also. please.
To boggins:
                     i have tried all the tricks. Has my traceroute tell something wrong. Outsourced ip check only catches the external ip allotted to you on log on. is it not?
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #29 on: May 27, 2017, 08:41:52 am »
Depending upon how long the power cut lasts, that could change your external IP address and sometimes when you log on, it could give you a different DHCP IP address.

There are two ways to assign a static IP address to a device - as a reserved DHCP IP address in the router or as a static IP address in one or more of the adapters in the computer.

In either case, you need to know what the DHCP range in the router is, although you could assign the reserved IP address in the router to how it is now when you do an ipconfig /all

When assigning a static IP address in the computer, it's best to do it outside of the DHCP range as the router can still assign that IP address to another device and that would cause an IP address conflict where neither device would be able to connect.

The router wouldn't know you had assigned that DHCP range address.

The latency on the tracert for your Secondary ISP DNS Server address is high compared to the Primary.

Do a tracert on Google's and then one on Open DNS and compare all three.

One other thing to check in the router is to see what the channel setting is.

If it's set to Automatic that could change at any time and while it wouldn't cause a disconnect, it could cause a blip in the connection which would be noticeable if you were streaming any music or videos.

In the computer/Device Manager/View/Show hidden devices/Network adapters - right click on the Family Controller and select Properties.

Under the Power Management tab uncheck the box to Allow the computer to turn off this device to save power - OK

Offline Samson

  • Hero Member
  • *****
  • Join Date: Nov 2011
  • Posts: 915
  • Location: London
  • Karma: 38
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #30 on: May 27, 2017, 09:03:20 am »
Hi, Samson, i have power cuts and so , i think , my ip will be changing on every log on, as provided by the service provider. Do this tool, also changes dns server ip in router also.                   

Simple static IP changer changes your LOCAL IP address NOT that assigned by your ISP.

The DNS changer program changes the DNS on selected adapter, NOT the router.

When assigning a static IP address in the computer, it's best to do it outside of the DHCP range as the router can still assign that IP address to another device and that would cause an IP address conflict where neither device would be able to connect.


"Under normal setups going through all the trouble is a waste of time.

Most routers start giving out IPs at .100 or .1 depending on the router. By always doing the higher end such as .200 or higher it is 99% safe to do. In 17 years of setting up networks I have never seen enough devices hooked up to a home router that I have ever seen the dhcp get past .200 on handing out IPs. That would be over 100 devices hooked up, home routers can only handle so many connections before you have to upgrade to a business grade router to handle so many connections.

While there is a small chance certain routers may be set to give IPs starting that high there is a 99% chance most routers don't. I have yet to run into a single IP conflicted using the higher ranges.

So save the user a unneeded step and just use the higher ranger of .200 and above.

Your choice :-)


Shane"  http://forums.pcwintech.com/index.php/topic,4114.msg32059.html#msg32059

I can only confirm what Shane has written, and his 2 programs that I have linked to are by far and away the easiest way to do both, ie set a static IP address on the local network and change DNS on network adapters.
« Last Edit: May 27, 2017, 04:42:33 pm by Samson, Reason: Spelling »

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #31 on: May 27, 2017, 09:23:09 am »
I agree that DHCP usually uses the lower end but the way I've described it is the correct way and will avoid any possible conflicts.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #32 on: May 28, 2017, 04:04:28 am »
Hi, Boggin, we can continue this interesting discussion.
 Please say, solution to my post 22 in this thread. What is a domain name set with other machines. I never did anything like that. How to know, which domain i would have created without my knowledge. These technical terms really conveys too technical meanings, but i want a simple understanding of what is meant by domain. name. and other query in that post
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #33 on: May 28, 2017, 05:16:16 am »
It could be just how your computer configures it.

I believe you have other machines - can you do an ipconfig on those to compare ?

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #34 on: May 28, 2017, 05:27:41 am »
After replying to you , i just looked at the network and it showed joined in the home group. I just went to computer properties and found that some shared folders . I enabled some videos from pc to laptop to play there . Only selected 10 videos are shard, but any how, to remove the hg, i just selected the home group and selectd leave the group, without knowing what it will do. It just makes the joined hg as ready to create.
                    But what is domain.name. I did find the computer name and domain name. The domain name is left blank and in the work group, there was workgroup written. May be i would have opted, when i tried to share some videos to laptop to play there. what should be the entry in domain name. There was blank and i give some name which my pc would not accept. it rejected with error message, that the said domain name cannot be created. What is the domain name , is it a auto fill item or we need to fill. What is the primary dns suffix pl. My nslookup google.com results in unknown server still
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #35 on: May 28, 2017, 05:54:33 am »
There are a number of articles that come up when you Google what is primary dns suffix which you can read.

While I haven't read all of them, some are above my pay grade as I'm not that deep into it.

Have you checked your other computer(s) to see what they display as ?

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #36 on: May 28, 2017, 09:24:34 pm »
Hi please find mine properties.
If it is the same  on your computer, please advise me the default values in every field
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #37 on: May 29, 2017, 01:01:51 am »
Mine is exactly the same as yours.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #38 on: May 29, 2017, 05:47:22 am »
Hi, Today, i sent to the higher officials of my service provider BSNL. Let us wait for reply from them on ths issue. Meanwhile thanks for samson and boggins for all the tips.
The Bottom line is "Check your hardware first if it supports the task you try".

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #39 on: June 26, 2017, 06:28:38 am »
Hi, I am continuing this thread for continuity. I have changed some settings in my router, like disabling ping , enabling Dos protection, Denial of Service protection and changing admin pw, but kept my ISP dns server. I scanned with wifi inspector. The pc, and connected device, router and mobile showed no vulnerability. The pc is ethernet connected and wired connection.
                      I updated xp updates for security in my laptop. There also i enabled auto obtain address , ie, my service provider dns. It is connected with wifi. I just thought of scanning the laptop. Here , comes the vulnerability alert of dns hijack. So, it is known that internet connection and wifi and entirely different.
                     After a thought, i again went to my router page, and then changed my dns to google and scanned the pc and laptop and no vulnerability.
                        So changing of dns to google dns in the router is the only solution that is good for security. If you change , the dns at adopter settings outside, then you have to go to each device and change the dns to google to get the security. In mobiles, it is very difficult to change the dns to google as there may be provision or absent of it.
                       CHANGING THE DNS TO GOOGLE IN ROUTER is the correct way,as i suppose, Is it correct? please
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #40 on: June 26, 2017, 06:39:11 am »
Yes, that's okay to do it that way.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #41 on: July 01, 2017, 11:04:32 pm »
Is the external ips allotted to you for all the devices as a whole or separate ips for external ips
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #42 on: July 02, 2017, 12:51:44 am »
The ext. IP address is assigned for your connection, regardless of how many devices you use.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #43 on: July 02, 2017, 04:14:12 am »
Hi, Thanks for the apt reply. I had this doubt, because, the router allots ip to so much devices.
The Bottom line is "Check your hardware first if it supports the task you try".

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #44 on: July 06, 2017, 04:55:25 am »
Hi, Boggins, one more related query,
                    If i have all the security settings in the router, if i logged in at a time, when an infected ips, (probably found by sites honeybot like software),will all security settings would not collapse? Is there any cure for that? Because, the external ips are randomly allocated with their users connection, would it not affect?
Is my presumption of infected IPs are not real?
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #45 on: July 06, 2017, 08:54:19 am »
Unless you have a router that is susceptible to being hacked, the external IP address comes down the line from your ISP's servers and the router's firewall is usually quite robust and therefore the DHCP IP internal IP addresses the router assigns to devices will equally be secure.

Does that answer your question ?


Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #46 on: July 07, 2017, 04:48:21 am »
Hi, Persistently asking this , because, even for log in to this site, i was given maths and capcha to log in. This i raised to Shane and he says some technical terms which i was not aware of before, but slightly picking up now, that some honeybot.org has stopped my log in smooth process , as i logged on an infected ips.
                            So i raised the question of my presumption of infected ips . I also went to that site and noted that so much of infected ips list there. So, i had the doubt, if one logs in a infected ip, external ip allotted, then there is possibility of all the security settings vulnerable. I will try to get that link in my next post
http://www.tweaking.com/forums/index.php/topic,872.msg6089.html#msg6089
                       
« Last Edit: July 07, 2017, 05:05:05 am by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #47 on: July 07, 2017, 06:29:15 am »
Hi, also see the ips near column near your ip .
My ip is given below, which i removed. That means my presumption of external ips influencing the safety of settings is then true. See for your self boggin
The link is
https://www.projecthoneypot.org/home.php
« Last Edit: July 07, 2017, 06:39:21 am by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #48 on: July 07, 2017, 06:38:30 am »
I don't know where the link you posted in Reply #46 was supposed to take me, but it just bounced me back to the forum index.

So have you installed Honeypot ?

I've found these two articles which may or not be of interest, but I've never come across this program as a means of detection.

https://en.wikipedia.org/wiki/Honeypot_(computing)

https://honeyscore.shodan.io/

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: how change of dns, nullifies the vulnerability
« Reply #49 on: July 07, 2017, 06:42:50 am »
Hi, Boggins, there is no problem in accessing the link The link was given in my previous posts 3 years back. Just go there and click dashboard and you will see the infected ips list spamming and etc.
The Bottom line is "Check your hardware first if it supports the task you try".