How did the Open DNS take control of my browsing?
-
Yesterday I started get redirected to a page that says OpenDNS "This domain is blocked due to content filtering." and some information like "This site was categorized in: Software/Technology, Forums/Message boards, Research/Reference, Blogs" The site in question was Stack Overflow!!! Also the site like imdb.com was blocked and the login for a online shopping site, AliExpress.com (hmm, maybe not a bad thing). After some searching I found out that in order to get rid of this crap, I should change or remove the DNS server settings in the network settings. I was thinking to myself "This is weird, I haven't changed anything there", but I went to check and lo and behold: the DNS server settings was now set to
Preferred DNS server : 208.67.222.222
Alternative DNS server : 208.67.220.220I changed the setting to "Obtain DNS server address automatically", cleared the DNS cache and then everything was back to normal. Simple enough to fix, but where did these settings come from in the first place? I'm the only one using the computer and I am damn sure I never entered those DNS servers manually. (I have to admit I haven't checked these settings in a while, so they might have been there for quite a time) So how were these changes made on my computer? Did some Windows 10 update do this automatically in the background? Is it some sort of malware? I did a scan with Windows Defender, but found nothing. (Very weird malware in that case) In any case it is very annoying to be controlled by some third party site that have their own definition of what is proper.
-
Yesterday I started get redirected to a page that says OpenDNS "This domain is blocked due to content filtering." and some information like "This site was categorized in: Software/Technology, Forums/Message boards, Research/Reference, Blogs" The site in question was Stack Overflow!!! Also the site like imdb.com was blocked and the login for a online shopping site, AliExpress.com (hmm, maybe not a bad thing). After some searching I found out that in order to get rid of this crap, I should change or remove the DNS server settings in the network settings. I was thinking to myself "This is weird, I haven't changed anything there", but I went to check and lo and behold: the DNS server settings was now set to
Preferred DNS server : 208.67.222.222
Alternative DNS server : 208.67.220.220I changed the setting to "Obtain DNS server address automatically", cleared the DNS cache and then everything was back to normal. Simple enough to fix, but where did these settings come from in the first place? I'm the only one using the computer and I am damn sure I never entered those DNS servers manually. (I have to admit I haven't checked these settings in a while, so they might have been there for quite a time) So how were these changes made on my computer? Did some Windows 10 update do this automatically in the background? Is it some sort of malware? I did a scan with Windows Defender, but found nothing. (Very weird malware in that case) In any case it is very annoying to be controlled by some third party site that have their own definition of what is proper.
A) Have you tried a VPN client that might have failed to return the orginal settings pre-vpn connection (mine does that now and again). B) You may have triggered some malware somwehere and it is pushing all content request through some dodgy route! Before you know it, it will be redirecting pages, adding banners, and digging in so deep that you cannot escape the little blighter no matter how much your clean!
Dave Find Me On:Web|Facebook|Twitter|LinkedIn Folding Stats: Team CodeProject
-
A) Have you tried a VPN client that might have failed to return the orginal settings pre-vpn connection (mine does that now and again). B) You may have triggered some malware somwehere and it is pushing all content request through some dodgy route! Before you know it, it will be redirecting pages, adding banners, and digging in so deep that you cannot escape the little blighter no matter how much your clean!
Dave Find Me On:Web|Facebook|Twitter|LinkedIn Folding Stats: Team CodeProject
I don't have a VPN and I haven't tried to install one in this particular computer. Let's just hope I am not infected by some malware. And even so, if the malware is routing my traffic so it triggers OpenDNS to block it, it still doesn't explain how the OpenDNS servers were configured on my computer in the first place.
-
I don't have a VPN and I haven't tried to install one in this particular computer. Let's just hope I am not infected by some malware. And even so, if the malware is routing my traffic so it triggers OpenDNS to block it, it still doesn't explain how the OpenDNS servers were configured on my computer in the first place.
OpenDNS is a legitimate DNS look-up service with additional phishing protection and content filtering. Before I installed VPN I used it all the time and consider it a good thing. So it's unlikely that any malware would 'install' it. Quite the opposite I would have thought.
I am not a number. I am a ... no, wait!
-
OpenDNS is a legitimate DNS look-up service with additional phishing protection and content filtering. Before I installed VPN I used it all the time and consider it a good thing. So it's unlikely that any malware would 'install' it. Quite the opposite I would have thought.
I am not a number. I am a ... no, wait!
So how did it get into my computer and why does it block stackoverflow.com and imdb.com?
-
So how did it get into my computer and why does it block stackoverflow.com and imdb.com?
To the first, I dunno. Are you absolutely sure that your computer has not been accessed by any other person for any other purpose? Might you have inadvertently accepted OpenDNS in installing something else? I'm really having difficulty imagining why or how the change would have been made without some human interaction at some point. The two sites, however, are almost certainly on the default block list at least for the strictest of the child friendly policies. Adult content on the latter and lots of abuse and swearing on the former.
I am not a number. I am a ... no, wait!
-
To the first, I dunno. Are you absolutely sure that your computer has not been accessed by any other person for any other purpose? Might you have inadvertently accepted OpenDNS in installing something else? I'm really having difficulty imagining why or how the change would have been made without some human interaction at some point. The two sites, however, are almost certainly on the default block list at least for the strictest of the child friendly policies. Adult content on the latter and lots of abuse and swearing on the former.
I am not a number. I am a ... no, wait!
I'm very sure no one else has used my computer, but it might, as you say, have been bundled with something else. I didn't install anything new the last few days, though. But how do you configure the filter level with OpenDNS? Different DNS server addresses or a configuration page somewhere? I didn't dig into it as I don't want it.