Author Topic: (solved)Is Public google dns safe to be selected?  (Read 17133 times)

0 Members and 1 Guest are viewing this topic.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
(solved)Is Public google dns safe to be selected?
« on: October 28, 2017, 12:27:45 am »
Hi, Since the scan by avast shown me dns hijack, i have changed the dns to google dns in the router. But scanning thro a software , the actual dns servers at the time of browsing of a session , point out the existence of an unknown foreign server, which is trying to access the router at some point of times and not always. Moreover, the same website's advt pop up shows whenever i try to view other websites. There the popup would show up.
                   So, i changed back to my ISP's dhcp server to be on the safer side. But now avast shows dns hijack of domain sites.
                    I wrote to avast to confirm that dns hijack is false positive and expecting reply from them.
Even full scan at online dns scan site, proved the presence of unknown server.
                     how to confirm that it is false positive? Nslookup to those domains show the same ip, but peculiarly my service Provider Ip. What to make of it ? pl experts
« Last Edit: November 04, 2017, 01:09:16 am by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #1 on: October 28, 2017, 02:36:06 am »
I don't know what report means either.

I use some of Level Three's DNS servers - 209.244.0.3 and 209.244.0.4 but download the free version of MBAM - click on Scan in the left pane then on Custom/Configure Scan and check the boxes for the drives you want to scan - usually it's just C:

This is a full scan and can take a while to complete.

This will find and remove any PuPs and PuMs.

Follow that up with a scan of AdwCleaner.

Click on Scan and then on Log.

When it has done it's scan it may list some items in the pane below which it considers PuPs - if you want to keep any then uncheck their boxes.

Close the Log and click on Cleaniing where it will produce another report of what it has deleted after the reboot.

https://www.malwarebytes.com/mwb-download/

https://www.malwarebytes.com/adwcleaner/

Run this check on your router to see if it has been hacked and if it has then you will need to factory reset it.

https://www.komando.com/cool-sites/312613/test-your-router-to-see-if-its-been-hacked-heres-how

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #2 on: October 28, 2017, 05:33:01 am »
Hi, I have already checked with mbam.Nothing suspicious found in full scan. Fsecure router checker is not working for months. It pops up ovreloading...try after sometime.
                  Can the ISP allot public ips of some other country to the users of the service provider? I mean, that can the service provider allow a foreign ip as public ip to me, in India?
              I have checked the public ip at that time. That was a different one.
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #3 on: October 28, 2017, 06:42:20 am »
I don't know how the ISPs work in India, but for you to be getting a pop up every now and again suggests that you have what is known as a Google redirect.

Which browser are you using ?

If you are using IE then go Start - type iexplore -extoff and press enter.

This will open IE without add-ons.

Click on the home page icon to browse normally and then see if you continue to get those pop ups.

Use this article to set your Hosts file back to default should something have added an entry in there.

https://support.microsoft.com/en-us/help/972034/how-to-reset-the-hosts-file-back-to-the-default

I'll have a look at your IP address and see where it originates and get back to you.

Did you try a scan with AdwCleaner ?

That F-Secure test worked for me.

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #4 on: October 28, 2017, 06:51:51 am »
According to https://www.ultratools.com/tools/ipWhoisLookup it appears to be Chinese.

The page doesn't copy with an IP address in it so enter 117.93.195.165 into the box and hit Go then scroll down for the details.

I'd contact your ISP for clarification.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #5 on: October 28, 2017, 07:12:08 am »
Hi, why that particular IP. Is it the current public ip of my system? I have already contacted but nothing came from them. Applying my current public ip, in the tool provided the correct information of my service provider.
« Last Edit: October 28, 2017, 07:20:47 am by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #6 on: October 28, 2017, 07:23:50 am »
That is the IP address that is registered in your profile that Mods have access to.

You can confirm if that is the IP address that you are now using by doing a speed test at www.speedtest.net and your IP address will be displayed on the left.

Let me know if it is different to the one I've posted.

You can change your ext. IP address by switching off your router and disconnecting the cables for 30 mins.

How did you contact your ISP - phone ?

EDIT - It's definitely coming up as Chinese - https://cleantalk.org/blacklists?record=117.93.195.165

On another forum, someone from India will have an Indian based IP address.

Have you tried that router hacker test site again yet ?
« Last Edit: October 28, 2017, 07:28:11 am by Boggin »

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #7 on: October 28, 2017, 08:02:31 am »
Yes ofcourse, i noticed your link has the exact public ip that my machine shows. But , when i checked the same, it shows my  service provider in ultra tools.
what is the meaning of it, somebody in chinese will get ....
I talked to ISP over phone and email, but they say , as you are behind the router, you need not worry and not confirming it. I am expecting it and it will take time.
I checked and found ip address belonging to ... Yes your ip mod shows is entirely different from what i have at that time. But you see the result in the second link. you could your self see the change. OK. i will shut off the machine and get another public ip
The Bottom line is "Check your hardware first if it supports the task you try".

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #8 on: October 28, 2017, 08:10:23 am »
But it is normal that if my internet access went off and then reconnected to get that different ip.Input of your Ip posted in your reply really goes to a chinese one. But , i checked my ip and then checked to confirm that it belonged to the service provider.
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #9 on: October 28, 2017, 08:33:58 am »
An ISP will have a range of addresses that your router will pick up.

How did you verify that the IP address that I found you have is from your ISP and what is the name of your ISP.

Did you run the speed test to confirm your IP address ?

You haven't said if you've run a scan with AdwCleaner or if you have tried that F-Secure site again.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #10 on: October 28, 2017, 09:41:27 pm »
Hi, My ISP is Bsnl. I checked with grc.com sheilds up. sites. i have tried so much times to fsecure site with the same result.i have not tried adware cleaner that i will do. But regularly i am checking with the tool adware and also jrt
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #11 on: October 29, 2017, 01:57:33 am »
This is a list of IP addresses used by BSNL but given how many pages there are, I don't have time to go through them - initially they all India based.

https://tools.tracemyip.org/search--isp/bsnl

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #12 on: October 29, 2017, 05:07:44 am »
Hi, browsing thro those pages would not do anything.
              My query:
                             I have selected the shown bsnl server 1 and 2 in router, to manually configured to the same dns servers. But , when i check the actual dns from router check (not fsecure), it shows a differnet server of the same IPS. Why? Are they are near my place and it automatically allows other servers of the same service provider?
                             
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #13 on: October 29, 2017, 05:17:43 am »
Do you have a link for how you are checking your IP address because the ones I've tried show your IP address to be of Chinese origin.

Can you open IE - Tools cog - Internet options - Connections - LAN settings and ensure just the top box is checked.

Let me know if the Proxy one is checked.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #14 on: October 29, 2017, 07:48:10 pm »
I checked with the IE option tab. The proxy is unchecked. The top box is checked. I unchecked it. I have configured the router dns page not to auto obtain dns address and selected manually the address that was shown in the router status page.
                          I think i have cleared your doubts.
                          i tried a ipblock of the particular site using the advanced settings in the router, but once done it, i could not get the internet access and it is fluctuating.
I have to delete the rule to get back.
                          I went to speed test link and found that it is the same as reported in the page and mod , It is also my service provider
                         
« Last Edit: October 29, 2017, 08:05:47 pm by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #15 on: October 30, 2017, 01:16:49 am »
The top box should be checked but I don't understand why when I do a look up on your IP address it comes up as Chinese but when you do it, it returns as for your ISP.

Have you ran AdwCleaner and checked your Hosts file ?

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #16 on: October 31, 2017, 10:23:51 pm »
Hi, Boggins, sorry for late reply. While i was reading your reply, my system suddenly hangs and i could not boot. Inspection shows, that mb went dead. I could not get the screen, as it was a second hand. i tried my removng ram, removing mobo battery etc, but i could not get any light on monitor. I could not go to bios as well. i called tech help and he said , the mother board need to be replaced with the supported ddr2 to make it workable.
                                               i had changed the mb and ram , and i could access the computer main screen. But, due to the fact, that it is a new motherboard, the drivers of lan, and some others could not be installed with the existing OS. Further action was necessitated by saving docu and downloads folder to d: and then reinstaling of the fresh OS.
                              Now , i am writing reply from that pc and hence the delay. As for hosts file, i do not think that now it is necessary. anyhow , i will check, if the router has injected some links in to it.
                              Regarding the mod ip, i do not know , how you are getting the chinese ip, myself getting the ISP's ip, i think, it still needs proble.But the ip you mentioned me to check, was not at all found in my search.
                              I use speedtest.net.in , to view my external ip, and it shows as ISP's like your link of search of ip link.
I will download avast and check . But, my query remains , as how google dns allows access of some malaysian website host to my router.
You said that i have not made it clear for you on that . Let me say, that when dns hijack is prompted, the avast asks you to switch to public google dns. But switching from service provider should be safe enough.
                                   By checking the dnsleak.c om (enclosed  results) and router check app, i came to the  issue of another dns silently accessing  it at times. Now i think i make it clear that changing of dns pose some other problem.
                                    please
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #17 on: November 01, 2017, 12:29:54 am »
Change your DNS servers to 209.244.0.3 and 209.244.0.4 to see if you still get these alerts or redirects.

These DNS servers belong to Level Three and are what I use.

If you ping them, you can compare their latency to Google's.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: (solved) Is Public google dns safe to be selected?
« Reply #18 on: November 04, 2017, 01:08:46 am »
Hi, I will try these ip addresses. Now , i am having internet speed problem and once it is corrected, then i will change to it. Did you see shinjiro, website in my enclosure? That does not belong to google. So, i am hesitating to use google dns. No reply from google public dns support or forum on the clarifications sought.Thanks
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: (solved)Is Public google dns safe to be selected?
« Reply #19 on: November 04, 2017, 03:37:50 am »
You didn't attach that log, so no - I didn't see that website.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: (solved)Is Public google dns safe to be selected?
« Reply #20 on: November 04, 2017, 03:45:20 am »
Please see. 1st post
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: (solved)Is Public google dns safe to be selected?
« Reply #21 on: November 04, 2017, 07:37:19 am »
Thought you were referring to something else.

Change your DNS servers to 209.244.0.3 and 209.244.0.4 and run that DNS leak program again and see what those results are.

From that log, you seem to have had a few IP addresses but I don't know why it lists Google as your ISP.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: (solved)Is Public google dns safe to be selected?
« Reply #22 on: November 04, 2017, 08:09:55 am »
Hi, i give below. Due to the fact that i was informed by avast that my dns have been hacked, i switched to google dns and the log picture is when i use google dns in my router.Fearing that unknown servers at time access my router, i changed my router dns back to my service provider, which usually ended in usual scan result of dns hijack. I tried nslookup to those hijacked domains and it pointed to my ISP servers ip. I wrote to all concerned , to avast whether it is false positive to my ISP. No repliy came from any side.
                         Meanwhile, i chanced upon contacting the correct person in my service provider wing  and told about this . He has informed that those are blocked sites already and specific sites have been redirected to that ip. so, it is actually false positive to me then, and i reported the same to avast also. Now i know that it is a false alarm, as avast has included and it does not fetch the correct ips of those domains,  it always alerts as dns hijacked as a possible alert.
                              My query is when i changed to public google dns, i was having the weird problem of a unknown shinjiru server is shown as a dns server, along with the configured google dns.
                               i think i  made it clear .
                                  So, i queried if using public dns is safe or not ? If i use the google dns, i do not get the dns hijack alert, but some other problem of dns access. ok
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: (solved)Is Public google dns safe to be selected?
« Reply #23 on: November 04, 2017, 08:21:11 am »
Like I said, try those other DNS severs and see what is reported.