Author Topic: (solved)Is Public google dns safe to be selected?  (Read 3407 times)

0 Members and 1 Guest are viewing this topic.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2205
  • Location: india
  • Karma: 17
    • View Profile
(solved)Is Public google dns safe to be selected?
« on: October 28, 2017, 12:27:45 AM »
Hi, Since the scan by avast shown me dns hijack, i have changed the dns to google dns in the router. But scanning thro a software , the actual dns servers at the time of browsing of a session , point out the existence of an unknown foreign server, which is trying to access the router at some point of times and not always. Moreover, the same website's advt pop up shows whenever i try to view other websites. There the popup would show up.
                   So, i changed back to my ISP's dhcp server to be on the safer side. But now avast shows dns hijack of domain sites.
                    I wrote to avast to confirm that dns hijack is false positive and expecting reply from them.
Even full scan at online dns scan site, proved the presence of unknown server.
                     how to confirm that it is false positive? Nslookup to those domains show the same ip, but peculiarly my service Provider Ip. What to make of it ? pl experts
« Last Edit: November 04, 2017, 01:09:16 AM by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 7310
  • Location: UK
  • Karma: 107
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #1 on: October 28, 2017, 02:36:06 AM »
I don't know what report means either.

I use some of Level Three's DNS servers - 209.244.0.3 and 209.244.0.4 but download the free version of MBAM - click on Scan in the left pane then on Custom/Configure Scan and check the boxes for the drives you want to scan - usually it's just C:

This is a full scan and can take a while to complete.

This will find and remove any PuPs and PuMs.

Follow that up with a scan of AdwCleaner.

Click on Scan and then on Log.

When it has done it's scan it may list some items in the pane below which it considers PuPs - if you want to keep any then uncheck their boxes.

Close the Log and click on Cleaniing where it will produce another report of what it has deleted after the reboot.

https://www.malwarebytes.com/mwb-download/

https://www.malwarebytes.com/adwcleaner/

Run this check on your router to see if it has been hacked and if it has then you will need to factory reset it.

https://www.komando.com/cool-sites/312613/test-your-router-to-see-if-its-been-hacked-heres-how

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2205
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #2 on: October 28, 2017, 05:33:01 AM »
Hi, I have already checked with mbam.Nothing suspicious found in full scan. Fsecure router checker is not working for months. It pops up ovreloading...try after sometime.
                  Can the ISP allot public ips of some other country to the users of the service provider? I mean, that can the service provider allow a foreign ip as public ip to me, in India?
              I have checked the public ip at that time. That was a different one.
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 7310
  • Location: UK
  • Karma: 107
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #3 on: October 28, 2017, 06:42:20 AM »
I don't know how the ISPs work in India, but for you to be getting a pop up every now and again suggests that you have what is known as a Google redirect.

Which browser are you using ?

If you are using IE then go Start - type iexplore -extoff and press enter.

This will open IE without add-ons.

Click on the home page icon to browse normally and then see if you continue to get those pop ups.

Use this article to set your Hosts file back to default should something have added an entry in there.

https://support.microsoft.com/en-us/help/972034/how-to-reset-the-hosts-file-back-to-the-default

I'll have a look at your IP address and see where it originates and get back to you.

Did you try a scan with AdwCleaner ?

That F-Secure test worked for me.

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 7310
  • Location: UK
  • Karma: 107
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #4 on: October 28, 2017, 06:51:51 AM »
According to https://www.ultratools.com/tools/ipWhoisLookup it appears to be Chinese.

The page doesn't copy with an IP address in it so enter 117.93.195.165 into the box and hit Go then scroll down for the details.

I'd contact your ISP for clarification.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2205
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #5 on: October 28, 2017, 07:12:08 AM »
Hi, why that particular IP. Is it the current public ip of my system? I have already contacted but nothing came from them. Applying my current public ip, in the tool provided the correct information of my service provider.
« Last Edit: October 28, 2017, 07:20:47 AM by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 7310
  • Location: UK
  • Karma: 107
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #6 on: October 28, 2017, 07:23:50 AM »
That is the IP address that is registered in your profile that Mods have access to.

You can confirm if that is the IP address that you are now using by doing a speed test at www.speedtest.net and your IP address will be displayed on the left.

Let me know if it is different to the one I've posted.

You can change your ext. IP address by switching off your router and disconnecting the cables for 30 mins.

How did you contact your ISP - phone ?

EDIT - It's definitely coming up as Chinese - https://cleantalk.org/blacklists?record=117.93.195.165

On another forum, someone from India will have an Indian based IP address.

Have you tried that router hacker test site again yet ?
« Last Edit: October 28, 2017, 07:28:11 AM by Boggin »

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2205
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #7 on: October 28, 2017, 08:02:31 AM »
Yes ofcourse, i noticed your link has the exact public ip that my machine shows. But , when i checked the same, it shows my  service provider in ultra tools.
what is the meaning of it, somebody in chinese will get ....
I talked to ISP over phone and email, but they say , as you are behind the router, you need not worry and not confirming it. I am expecting it and it will take time.
I checked and found ip address belonging to ... Yes your ip mod shows is entirely different from what i have at that time. But you see the result in the second link. you could your self see the change. OK. i will shut off the machine and get another public ip
The Bottom line is "Check your hardware first if it supports the task you try".

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2205
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #8 on: October 28, 2017, 08:10:23 AM »
But it is normal that if my internet access went off and then reconnected to get that different ip.Input of your Ip posted in your reply really goes to a chinese one. But , i checked my ip and then checked to confirm that it belonged to the service provider.
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 7310
  • Location: UK
  • Karma: 107
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #9 on: October 28, 2017, 08:33:58 AM »
An ISP will have a range of addresses that your router will pick up.

How did you verify that the IP address that I found you have is from your ISP and what is the name of your ISP.

Did you run the speed test to confirm your IP address ?

You haven't said if you've run a scan with AdwCleaner or if you have tried that F-Secure site again.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2205
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #10 on: October 28, 2017, 09:41:27 PM »
Hi, My ISP is Bsnl. I checked with grc.com sheilds up. sites. i have tried so much times to fsecure site with the same result.i have not tried adware cleaner that i will do. But regularly i am checking with the tool adware and also jrt
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 7310
  • Location: UK
  • Karma: 107
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #11 on: October 29, 2017, 01:57:33 AM »
This is a list of IP addresses used by BSNL but given how many pages there are, I don't have time to go through them - initially they all India based.

https://tools.tracemyip.org/search--isp/bsnl

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2205
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #12 on: October 29, 2017, 05:07:44 AM »
Hi, browsing thro those pages would not do anything.
              My query:
                             I have selected the shown bsnl server 1 and 2 in router, to manually configured to the same dns servers. But , when i check the actual dns from router check (not fsecure), it shows a differnet server of the same IPS. Why? Are they are near my place and it automatically allows other servers of the same service provider?
                             
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 7310
  • Location: UK
  • Karma: 107
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #13 on: October 29, 2017, 05:17:43 AM »
Do you have a link for how you are checking your IP address because the ones I've tried show your IP address to be of Chinese origin.

Can you open IE - Tools cog - Internet options - Connections - LAN settings and ensure just the top box is checked.

Let me know if the Proxy one is checked.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2205
  • Location: india
  • Karma: 17
    • View Profile
Re: Is Public google dns safe to be selected?
« Reply #14 on: October 29, 2017, 07:48:10 PM »
I checked with the IE option tab. The proxy is unchecked. The top box is checked. I unchecked it. I have configured the router dns page not to auto obtain dns address and selected manually the address that was shown in the router status page.
                          I think i have cleared your doubts.
                          i tried a ipblock of the particular site using the advanced settings in the router, but once done it, i could not get the internet access and it is fluctuating.
I have to delete the rule to get back.
                          I went to speed test link and found that it is the same as reported in the page and mod , It is also my service provider
                         
« Last Edit: October 29, 2017, 08:05:47 PM by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

 

anything