OpenDNS Updater v2.2.1 returns incorrect IP 92.242.140.2 related to Barefruit advertising

Comments

5 comments

  • Avatar
    rotblitz

    Open a command prompt window, and copy & paste the complete plain text output of the following diagnostic commands to here:

    nslookup -type=txt debug.opendns.com. 208.67.222.220
    nslookup -type=txt which.opendns.com.
    nslookup myip.opendns.com.
    nslookup whoami.akamai.net.
    netsh interface ipv4 show config

     

    0
    Comment actions Permalink
  • Avatar
    tilaloz

    C:\Users\marsh>nslookup -type=txt debug.opendns.com. 208.67.222.220
    Server: resolver3.opendns.com
    Address: 208.67.222.220

    Non-authoritative answer:
    debug.opendns.com text =

    "server m59.lax"
    debug.opendns.com text =

    "flags 20 0 50 180000000000000000003B500007E0000001083"
    debug.opendns.com text =

    "originid 1561885"
    debug.opendns.com text =

    "actype 2"
    debug.opendns.com text =

    "bundle 968607"
    debug.opendns.com text =

    "source 70.176.28.10:52101"

    C:\Users\marsh>nslookup -type=txt which.opendns.com.
    Server: router.asus.com
    Address: 192.168.1.1

    Non-authoritative answer:
    which.opendns.com text =

    "I am not an OpenDNS resolver."

     

    C:\Users\marsh>nslookup myip.opendns.com.
    Server: router.asus.com
    Address: 192.168.1.1

    Non-authoritative answer:
    Name: myip.opendns.com
    Address: 92.242.140.2

    C:\Users\marsh>nslookup whoami.akamai.net.
    Server: router.asus.com
    Address: 192.168.1.1

    Non-authoritative answer:
    Name: whoami.akamai.net
    Address: 68.105.28.45

    C:\Users\marsh>netsh interface ipv4 show config

    Configuration for interface "Ethernet"
    DHCP enabled: Yes
    IP Address: 192.168.1.30
    Subnet Prefix: 192.168.1.0/24 (mask 255.255.255.0)
    Default Gateway: 192.168.1.1
    Gateway Metric: 0
    InterfaceMetric: 25
    DNS servers configured through DHCP: 192.168.1.1
    192.168.1.1
    Register with which suffix: Primary only
    WINS servers configured through DHCP: 192.168.1.1

    Configuration for interface "Loopback Pseudo-Interface 1"
    DHCP enabled: No
    IP Address: 127.0.0.1
    Subnet Prefix: 127.0.0.0/8 (mask 255.0.0.0)
    InterfaceMetric: 75
    Statically Configured DNS Servers: None
    Register with which suffix: Primary only
    Statically Configured WINS Servers: None

     

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz (Edited )

    Your DNS traffic is handled by Cox, and they work with NXDOMAIN redirection for example to serve you with ads.  But this is the case only if your Asus router at 192.168.1.1 is being used as DNS forwarder, not if you specify the OpenDNS resolver address on the PC as with the first command.  So in fact you do not use OpenDNS at all with the current configuration, but Cox's DNS service.
    Check it at http://welcome.opendns.com/ and http://dnsleak.com/

    Have you configured the OpenDNS resolver addresses correctly on this router?  Have you filled all DNS server fields with OpenDNS addresses?  (This is the first and most important step to use OpenDNS at all, not the Updater or anything else.)  Also, is your router an ISP supplied device?

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Probably not hacked but a glitch in the router's firmware.  You may need to keep an eye on it going further.

    0
    Comment actions Permalink

Please sign in to leave a comment.