please help - unrecognized domains/sites tracked on DNS

Comments

8 comments

  • Avatar
    rotblitz

    That's a lot of questions, and they indicate that you should make yourself familiar about what DNS (Domain Name System) is and how it works. To get a first insight, you may want to read this interesting article:http://igoro.com/archive/what-really-happens-when-you-navigate-to-a-url/
    (Concentrate especially on what is said about DNS there! It will open a new world for you...)
    For more information on DNS read https://en.wikipedia.org/wiki/Domain_Name_System

    If you have followed these links and read there, you'll be able to understand the following much better.

    "Can you please tell me if what appears in the lists are all websites visited over that time period?"

    Your OpenDNS stats have not much to do with "visited websites". They show the DNS stats out of you network, not your web traffic. These two are related only to a certain extent. DNS traffic is generated by all networking applications, also the ones e.g. in your router, software and AV updates, etc., whereas web traffic is generated mainly by web browsers.

    "Is there a way to find out what these visited domains are?"

    Yes, you could search the internet for this, as you have done, or even better, perform a WHOIS on them.
    http://network-tools.com/default.asp?prog=whois

    "Is there a way to look at websites accessed or visited even if they were viewed via private browsing?"

    If you know their domain name or URL and if these are really websites, then yes, else no. These could be mailservers or SSH/SFTP servers or VoIP servers or any other internet service based servers, so you cannot view them with a web browser.

    And also, DNS and "private browsing" are related in no way. DNS lookups cannot be privatized and would appear in your OpenDNS stats nevertheless as long as you send them to OpenDNS at all and not to another recursive DNS service.

    "I downloaded Open DNS..."

    Hard to believe. You cannot download OpenDNS. OpenDNS is not software, but a configurable service, a (recursive) DNS service as its name says.

    "...in hopes that it would track all websites visited"

    No, OpenDNS is a DNS service, and you only send DNS lookups (e.g. for domain name resolution to an IP address) to them. This is what they can capture and log. Your web traffic is not part of this information you send to them, so they have no way to collect this information.

    "Also is it possible that some domains/websites are tracked & listed there even if they were NOT visited?"

    For sure. This can be the majority of your DNS traffic. DNS lookups are usually not generated intentionally by humans, but by network application as needed. Each time a domain name needs to be resolved to an IP address to be able to connect to it (or even not), a DNS lookup is generated.

    "For example yahoo privacy page, followed by yahoo safe browsing, followed by yahoo log in and mail? Is it possible this would show up on the lists if no one in my household has visited those sites?"

    If these Yahoo things are hosted on different domains, yes, and yes, as OpenDNS doesn't know about your "visited websites", but about your DNS lookups.

    "Is it possible our neighbours or someone else has the same IP address and Open DNS could be picking up some other visited/tracked websites by other households in our area?"

    No, it is not possible that someone else has the same IP address. But it could happen that a wrong IP address information is registered with your OpenDNS network, because your ISP assigned IP address has changed, and you didn't update the information at OpenDNS, but someone else inherited your outdated IP address, so this other network will log their DNS lookups against your stats. And vice versa, your DNS lookups could be logged against someone else's stats under similar circumstances.

    If you still have questions after having read also the stuff I linked to, come back to ask for it.

    0
    Comment actions Permalink
  • Avatar
    skysthelimit
    Rotblitz -
    Thank you for taking time to explain it to me and for not treating me like a complete idiot- I really do appreciate that!! :)
    I think what I may need is a keylogger then not a dns tracker? In order to track all Internet browsing in my household even that which has been cleared or done in private windows? Would I be correct in assuming so? Thanks again, take care!
    0
    Comment actions Permalink
  • Avatar
    rotblitz

    A keylogger's output may be too difficult to read. Just to see what someone has keyed wouldn't show you what has been seen.

    Better would be an internal proxy server where all web traffic goes through and which has logging capability, for example http://fiddler2.com/

    0
    Comment actions Permalink
  • Avatar
    skysthelimit
    Thanks, I did look at that from one of the links you gave me, but it too looks complicated. Maybe I can join a forum for step by step help or advice or a guide.
    0
    Comment actions Permalink
  • Avatar
    rotblitz

    There's no easier solution for the complicated requirements you have...

    0
    Comment actions Permalink
  • Avatar
    cervezafria

    You could install software on the user's machines, which would provide you that level of reporting (supplemented with screenshots). You can compare alternate software packages here:

    http://monitoring-software.findthebest.com/d/d/Personal

    You may find Qustodio (www.qustodio.com) helpful and it is free for home use.

    FWIW, a strong deterrent of internet misuse/abuse is to locate internet access in a public area (living room, kitchen, den...) where the screen is visble to anyone passing by. But if someone is determined to "beat your system", there are ways around most filtering systems, just as there are ways to circumvent OpenDNS.

    0
    Comment actions Permalink
  • Avatar
    stingray-pc

    If you need to see who, when and what sites have visited and even track the time spent on them - use software-based solutions. They provide a complete tracking and filtering of all web actions. Example of one of such tools: http://www.workexaminer.com

    0
    Comment actions Permalink
  • Avatar
    11121121
    "There were a lot of websites/names I didnt recognise, alot that looked like random jumbled letters, some when I copied and pasted them into a new tab wouldnt open and so on."

    I am also having random sequence of letters show on my domain list. No .com or .anything after it. What is this and why is it showing if it's not a domain.com ? Thank you.
    0
    Comment actions Permalink

Please sign in to leave a comment.