Bypass OpenDNS on Windows?

Follow
Avatar
everking

There is one computer at home that seem to bypass OpenDNS.

The following test phishing site seems to be blocked in all computers:

http://www.internetbadguys.com

But the following adult test site is not blocked on a Windows 10 machine (blocked on my MacBook and ChromeBooks):

http://www.exampleadultsite.com/

Is there any software installed in my son's Windows 10 machine that can bypass OpenDNS? How can I troubleshoot this?

 

0

Comments

12 comments

Sort by Date Votes
  • Avatar
    mattwilson9090

    You have provided basically no information about the computer in question, or how it is configured. There is no way for us to tell you what software is installed on that computer, let alone what might be causing this behavior.

     

    Is the computer even using the same home network as every other computer?

    Is it actually configured to use OpenDNS, or is it using some other set of DNS servers?

    Is there some software, such as Avast, that might be bypassing "standard DNS" methods and instead using it's own "secure DNS" methods?

    0
    Comment actions Permalink
  • Avatar
    everking
    Sorry about that. Here are the details...

    1. Windows 10 Lenovo (has the problem)
    2. MacBook Pro, ChromeBooks and iPhones using the same Netgear router as (1) configured to use OpenDNS (the version that comes with the router).
    3. No software that I installed as far as I know but my son uses it. He did ask me to install Cold Turkey app earlier but I can't remember anything else.

    I'm not familiar with Avast but I don't think I have it. But I'm lost king for tips to find out if there is some hidden app installed from other software packages that may cause this.


    0
    Comment actions Permalink
  • Avatar
    everking
    "lost king" --> "looking" (pesky iPhone keyboard :-)
    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    I'll repeat my initial questions since you didn't really answer them. I've added another question as well.

    Is the computer even using the same home network as every other computer? If so, how have you verified that?

    Is the computer actually configured to use OpenDSN, or is it using some other set of DNS servers? If so, how have you verified that?

    To find out if Avast or some other software is installed you need to look at the installed software, both on the Start Menu and in the "Programs and Features" applet in the Control Panel. Did OpenDNS stop working before of after you installed "Cold Turkey" on the computer?

    Is you son's account on this computer running as "Administrator" or "User"? If running as Administrator none of this matter since he can bypass any security or controls that you set on the computer. If you want to be in control of what happens on that computer and what it is used for his account *must* be set to "User".

    0
    Comment actions Permalink
  • Avatar
    everking

    I thought I answered at least a few of them, but let me try again.

    I know it's on the same network because I configured all of them. They are on the same subnet and are all in WiFi. We only have one network that connects to the Internet.

    I looked at "Programs and Features" multiple times before I posted. Nothing stands out. I also un-installed Cold Turkey to no avail. As far as I can tell, no VPN running or anything like that... But I'm not sure if there's something hidden that's not obvious that can't be seen... Not sure if there is some trick out there that can redirect calls to DNS somewhere else before calling the router DNS.

    Yes, it's using OpenDNS because I get "This domain is blocked." with OpenDNS logo when I try the http://exampleadultsite.com site... And surprisingly http://www.internetbadguys.com is also blocked on the same Windows machine that does not block  http://exampleadultsite.com. So it seems targeted.

    I'm not sure when OpenDNS stopped working on that Windows 10 machine... Not sure how related it is with Cold Turkey.

    My son's login is a "child" account under Windows 10's family safety feature. That's why I mentioned earlier that he *asked me* to install Cold Turkey.

    Also, I have a NetGear Genie on my iPhone that configures parental controls... not sure if that has anything to do with it. Not sure how NetGear Genie is able to target specific computers in OpenDNS, but it seems that it can, but I tried multiple different iterations of the settings and nothing worked. Not how to clear the NetGear Genie configuration that targets specific machines.

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Copy & paste the complete plain text output of the following diagnostic commands here:

       nslookup -type=txt debug.opendns.com.

       nslookup www.exampleadultsite.com.

    0
    Comment actions Permalink
  • Avatar
    everking
    Here you go rotblitz...
    C:\Users\gabri>nslookup -type=txt debug.opendns.com
    1.1.168.192.in-addr.arpa
            primary name server = localhost
            responsible mail addr = nobody.invalid
            serial  = 1
            refresh = 600 (10 mins)
            retry   = 1200 (20 mins)
            expire  = 604800 (7 days)
            default TTL = 10800 (3 hours)
    Server:  UnKnown
    Address:  192.168.1.1
     
    Non-authoritative answer:
    debug.opendns.com       text =
     
            "server 11.pao"
    debug.opendns.com       text =
     
            "device 0000919C53BEAED1"
    debug.opendns.com       text =
     
            "flags 422 0 70 5950800000000000000"
    debug.opendns.com       text =
     
            "originid 0"
    debug.opendns.com       text =
     
            "actype 0"
    debug.opendns.com       text =
     
            "source 50.184.24.35:55749"
     
    C:\Users\gabri>nslookup www.exampleadultsite.com
    1.1.168.192.in-addr.arpa
            primary name server = localhost
            responsible mail addr = nobody.invalid
            serial  = 1
            refresh = 600 (10 mins)
            retry   = 1200 (20 mins)
            expire  = 604800 (7 days)
            default TTL = 10800 (3 hours)
    Server:  UnKnown
    Address:  192.168.1.1
     
    DNS request timed out.
        timeout was 2 seconds.
    Non-authoritative answer:
    Address:  67.215.92.210

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    It seems you have not blocked adult categories at https://netgear.opendns.com/

    0
    Comment actions Permalink
  • Avatar
    everking

    @rotblitz... Well, I believe I do have it blocked. Default is at "Moderate".

    However, I do recall disabling it on the Windows machine one time but since re-enabled it using the NetGear Genie on my iPhone. I think NetGear Genie's not working... Is there a way to reset it? i.e. to remove any machine-specific configuration and have all my devices use "default"?

    Is there a way to do that from the web? It seems like it's an app-only feature...

     

    0
    Comment actions Permalink
  • Avatar
    everking

    By the way, I installed NETGEAR Genie on my Mac and I'm not able run Parental Controls on it... It says "... looks like you might not be connecting to the Internet through a supported NETGEAR router." I'm on Firmware Version V1.0.4.2_10.1.10 R6250.

    I'm able to run NETGEAR Genie Parental Controls from my iPhone but as mentioned, it seems that it's no longer working for me (although I'm not getting any error messages).

     

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Open a support ticket.  OpenDNS staff must check this.

    0
    Comment actions Permalink
  • Avatar
    everking

    Thanks @rotblitz... 

    I have. Yesterday. No answer yet. I will post whatever resolution they provide here.

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post