how change of dns, nullifies the vulnerability

[Boggin]

When I've just clicked on the link again, it took me to your earlier thread, but I can't see where to view any IP address of a Poster - there's normally a small icon.

What more do you want from me on this ?

[jraju]

Hi, Boggins, i got the matter. I have signed in to the website. Then , when you log on, you see the menu dashboard and you click and it will show you the ips infected near your ip. My query is related to the security settings being compromized by this kind of infected external ip. Thats all

[Boggin]

Still don't know what you mean.

[jraju]

Hi are you able to go to website and access dashboard. For accessing dashboard, you need to sign in to the website

[Boggin]

I'm logged in but I don't know what you mean by the dashboard.

[jraju]

If you logged in, you will be shown the dashboard, which gives the infected ips near your place, as i enclosed in the picture. I think my query centred upon dns and network security. My query is if a ip you log in happens to be infected, are the secure settings you make becomes vulnerable, since the ip is already infected.
                                              I raised this query when i had the problem of freely logging to this website and the rest of the story is given in my old thread link. Then, i did not know much about those things of external ips and all that .

[Boggin]

So do you want me to install Honeypot ?

[jraju]

Hi, I have not downloaded any honeypot. I just registered in their message board. When i open it normally, i do not find the details.But when i registered and then logging on, i could see the details. Thats all. I do not want any one to download honeypot.

[Boggin]

So where is this dashboard you're on about ?

[jraju]

Hi, Boggins, pl see the screenshot

[Boggin]

I did but I don't particularly want to log into the site - so is your IP address in the same group as 117.193.241.### ?

[jraju]

Hi, No boggins. I only wish to point out that external ips if logged on by users on affected ips, would be security concern and want a kind of fix. Even when you change the dns to google in the router, this attack is not given thought. I think so. So, could i cometo the conclusion that even external ips are security concerns .  It shows my ip as not affected, and in your case, it would have shown, your ip and near ips infected . Is that correct, boggin.
                  I am extremely thankful to you for your considered reply in a way to help the users to understand in tech details.

[Boggin]

I'm not sure why it considers an IP suspicious as I've checked a couple near you on Clean Talk and nothing is known on them - try some for yourself.

https://cleantalk.org/blacklists?record=117.193.241.96

[jraju]

Hi, Thanks for your reply. Does this site now has this  check on spam ? 
             Individual computers may be vulnerable, and so is the individual ips when allotted automatically to any users. if that user logs in to the time , when he is allotted the infected ips, then  there is no escape from the vulnerability, as for that session, the user is using his computer on infected ip.
                  I also find that it is always best to have dynamic ips. I do not think , that ISPs are doing anything to correct the infected ips with their servers. Some ISPs are using other servers also to serve you.
                  This is the thing that i want to be safeguarded.
                    What is the button get clean.....in the bottom of your link referred?

[Boggin]

I remember from your previous posts that you weren't getting any alerts when using Google's DNS servers and the alerts were only there when using your ISP's.

I think it would be prudent to continue using Google's servers.

I don't think your assigned ISP ext. IP address will be infected, but there seems to be something not right when using their DNS servers.

That website is what we use to check if an IP address of someone who has registered on the forum is a known spammer.

You can also enter their email address which may come up with more info.

Try it with your own and then see if anyone has spoofed it - that can happen and then your IP address gets blacklisted, so you would need to change yours which you can do by switching off and unplugging all of the cables from the router for about 30mins, as well as switching off your computer.

Then when you switch the router back on and all of its lights are on, switch the computer back on and www.speedtest.net will display your new one.

I wouldn't worry too much about your ext. IP address unless you end up blacklisted - that Honeypot website doesn't support what I've found when running those IP addresses with the (S) or the (SD) after them - no suspicious activity.

[jraju]

Hi, Thanks for the information Boggins.
                       i now use google dns server in the router settings, so i need not change the same in all the devices i use.
I do not understand what is meant by
You can also enter their email address which may come up with more info. from your quote
           

[Boggin]

That's really more for Admins and Mods as we are normally the only ones who can see a member's email address which could come up as being when that person had used that email address to register on somewhere, using a different IP address.

[jraju]

Hi, for sake of clarity , i am continuing in this thread.
                       If a domain is hijacked in the provided DNS, how it is connected to user computer to show it as vulnerable. Does it mean that the said domain is weak and so attacked by a third party to direct the traffic to his malicious site?
How usually program finds hijacked domains in a connection? Is that meant, only the said DNS is hijacked. To me, that DNS only supplies the ip address for any given name address. Or shoud it be read as user computer is hijacked.I want to know something more on this.Does the domain hijack means that the DNS itself is hijacked?