DNS Google, OpenDNS, Norton, and TAPI connection

Discussion in 'privacy problems' started by The Oracle, Dec 21, 2011.

Thread Status:
Not open for further replies.
  1. The Oracle

    The Oracle Registered Member

    Joined:
    Dec 2, 2011
    Posts:
    78
    I have been using Norton DNS for a few weeks so far. Have yet to run into a single problem with it. However, my VPN is suggesting I use either Google or OpenDNS. I have tried OpenDNS in the past, but ran into a lot of problems with it blocking websites for me. I have yet to see Norton do this once to me since I have been using it. I am dreading having to go back to OpenDNS just to get my VPN to work. I have some other issues as well...

    OpenVPN requires a login and software to use. I don't mind my IP on the backend being traced to my DNS records, since I am masked through my VPN, but I do have problems with having to use something that requires login and a central place that keeps all the specific records tied to me. Then there were other times I tried using it and ran into problems with OpenDNS because other accounts were connected to it with the same IP. Am I right about thinking this way or what I am saying?

    Google is as Big Brother as you can possibly get in this world right now, and I really prefer to not have anything to do with the tracking monster at all. You might as well ask me to start using Facebook if you are going to ask me to use Google. Anything I can do to prevent Google from following me, I do. NoScripts is one of the best tools IMO that has come out with as much Google scripts embedded in every page. I have them all permanently blocked. Try not to use anything of theirs now as much as possible. Maybe I am wrong for thinking this way, but they bug me for many reasons how nuts they are for tracking.

    I guess I am just trying to understand why I have to move away from Norton when I am completely happy with their service. So my post is mainly to try to understand these other services and get over my judgements about them through education.

    Also, can you help me to understand something about where specifically the DNS get's called from. If I have a cable modem which pulls from my ISP, router that pulls from modem, Network card that pulls from router, which DNS setting actually holds up in the big picture?

    Let's assume I have DHCP set all the way down the path. I don't fully understand the TAPI adapter that the VPN uses either. Does the TAPI pull from the local area connect network card, pass through it, or completely different connection all together?

    So if I have my local area connection card set with a static DNS, and my TAPI is using DHCP for DNS, which one wins? I was told that I can't use static IP's on my connections which I am not thrilled about so I don't know how the chain actually works.

    If I have DNS server tied to my network card, can I have a different one tied to my TAPI connection? This way when I am connected to my VPN, I use one DNS (say OpenVPN), and when I am not (which is rare), I can use a different one (say Norton).
     
  2. marktor

    marktor Registered Member

    Joined:
    Dec 4, 2011
    Posts:
    143
    I dont know exactly what your trying to say but did you mean to say "Open DNS requires a login and software to use."?? Im not sure why it matters what DNS service you use with your VPN. That should be your decision I would think? Most VPNS usually have a DNS already setup though that they use. You can check what it is by going to http://www.dnsleaktest.com/ and running the test. Im not sure about this but no matter what DNS service I have setup on my computer the one the VPN provider uses shows up in the DNS leak test. So Im not really sure if it even matters what DNS you have set on your computer. I know everyone has a preference but personally I use OpenNic. For the simple reason many of the servers are in other countries than my own and many of them have logging disabled. See here for a list: http://www.opennicproject.org/publictier2servers I have also seemed to notice that many VPN providers use Google DNS as their DNS provider. I dont personally like this and I am not sure why they dont use something else like OpenNIC create there own DNS server.


    I think I get what your saying here.... For example if you have a router and the DNS is set on it for OpenDNS but then you have your computer and you have the DNS set on the computer for Norton. Which DNS service is actually use then? I believe the answer is the one on the computer. That is one the answer if you are not using a VPN. If you are using a VPN then you are either using the DNS on your computer or the one the VPN has setup because all your traffic is encrypted as it goes out over your router,modem,isp etc. make sense?

    The TAPI adapter is what is used to encrypt your traffic. Your traffic is unencrypted when it enters TAPI when it comes out and goes out over the internet it is encrypted.


    DasFox actually asked the same question here: https://www.wilderssecurity.com/showthread.php?t=298054
     
    Last edited: Dec 22, 2011
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I've seen issues witih OpenDNS. I like Google and Norton though.

    Just a bit on Google that probably won't change your mind:
    http://code.google.com/speed/public-dns/privacy.html
     
  4. The Oracle

    The Oracle Registered Member

    Joined:
    Dec 2, 2011
    Posts:
    78
    I just did a test and what you are saying, in this instance, isn't true. I have OpenDNS on my local card. I had OpenDNS on my TAPI adapter also, and I just changed the DNS on my TAPI adapter to google. Ran a test on dsnleaks prior to the change and after (flushed dns). Before the change it showed OpenDNS, after the change "only" to the TAPI adapter, GoogleDNS showed up. My TAPI and local card are both setup for DHCP by my VPN's suggestion. The only thing I have outside that is static DNS server information on the two cards. If the TAPI was getting it through the DHCP server, or only the DNS from their exit point, then my changes wouldn't show up at all when I ran the tests. So I guess it does matter what DNS server you use.

    Thanks for pointing this out. I wasn't aware of the log issues. Now I have to go and look to see if OpenDNS or Norton use logs. I am not a fan of Google at all :)

    Well I guess the answer is the connection that is the closest to you wins. Obviously by what I stated above, if all I changed is the TAPI DNS server info, and my local connection has one dns, and my router has another, then the closest entry point for me to enter I would assume wins no? I can't speak how it is for all VPN's, but obviously for mine, it would be the closest entry point.

    Thanks for the link on Fox, I will go look it over now.
     
  5. The Oracle

    The Oracle Registered Member

    Joined:
    Dec 2, 2011
    Posts:
    78
    By the way, my router, which bugs me to no end, doesn't allow me the option to put a static DNS server in when I am using DHCP from my ISP. It's a linksys router, and that baffles me how I am forced to use the ISP and can't override this like I can on a network card.
     
  6. The Oracle

    The Oracle Registered Member

    Joined:
    Dec 2, 2011
    Posts:
    78
    You are right...it won't change my mind. Google is the personal information collecting monster of the world along with Facebook. I really don't ever want to use them if I don't have to.

    I like Norton too. I tried OpenDNS at first, but I was getting tons of pages blocked all over the place and not once since I switched to Norton has it happened. I would get 4 or 5 an hour on OpenDNS.

    So I am forced to choose between the better of two evils for my needs. OpenDNS it is for now. I have tried using Norton with my VPN, but I have a ton of connection issues then. They don't really leave me with any choice at all in the matter from what I can tell.
     
  7. The Oracle

    The Oracle Registered Member

    Joined:
    Dec 2, 2011
    Posts:
    78
    Accidentally skipped right over this question. I just figured it out, and was confused as to what I was looking at originally which was a little while back. I thought in order to use the DNS servers, you had to use the "premium" service. At the time, I couldn't find the DNS server info, without setting up an account. It must of been something I just didn't see at the time. I was wrong about what I was initially saying. Now I understand you can use the servers without that software. Just confusion on my part.
     
  8. The Oracle

    The Oracle Registered Member

    Joined:
    Dec 2, 2011
    Posts:
    78
    I also just tried another test with no settings at all and let everything get pushed to me through DHCP on all connections including TAPI. When I did the dnsleak test like this, it showed my VPN's server exit point. So obviously it is important to look for this stuff, and not just assume the VPN is assigning anything. If there is no DNS server on the TAPI card, then you are wide open.
     
  9. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    The Internet Providers DNS Servers can not be overwritten in the Linksys Router Status Tab displaying the information
    about the Internet Provider, as those DNS Server Addresses are aquired from the Internet Providers DHCP.

    To override the DNS Servers Addresses of the Internet Provider, one must enter static DNS Addresses in the Linksys
    Routers Setup Tab for the Local DHCP Server.

    Under the Local DHCP Server there are usually three DNS entries: DNS 1, DNS 2, DNS 3, and WINS

    WINS can be ignored, however, leaving DNS 1, DNS 2, and DNS 3 blank, will yield the Local DHCP Server issuing the
    Internet Providers DNS Server Addresses to the Local DHCP Clients.....so, to enter an static DNS Address and override
    the Internet Providers DNS Server Addresses, enter the preferred DNS Server Addresses to DNS 1, and DNS 2 for the
    Local DNS Server in the Linksys Router.

    Examples:
    OpenDNS = 208.67.222.222 and 208.67.220.220
    NortonDNS = 198.153.192.60 and 198.153.194.60 (family package, very strict network)

    OpenDNS Servers can be used without an OpenDNS Account benefiting in speed and basic security, however, to aquire
    the full benifits and security of OpenDNS one must start an OpenDNS Account. Norton DNS on the other hand does not
    require any Account at all and offers three DNS Packages: Basic, Medium, and Family. Family being the strictest and
    only requires entering the DNS Server Addresses of the chosen DNS Package.


    HKEY1952
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    For many routers, you can configure the DHCP server to push DNS servers that you specify. You can also have it forward the ones that it gets from the ISP.
     
  11. The Oracle

    The Oracle Registered Member

    Joined:
    Dec 2, 2011
    Posts:
    78
    I figured this part out while you were probably typing it. I set the DNS 1&2 for OpenDNS for now. Is there any benefit for putting the DNS info here versus assigning it on the actual network card? I can still put DHCP to pull to the network card and put a static DNS server. Pro's or Con's either way? At the moment, I have the same DNS server info at both places just while I play with it (which I know I don't need it in both).

    I will have to read up on what you mean by "full benefits" using an account. What I do worry about though is if I have an account, then I am tied into a central place where everything is tracked though no? Without using an account, then everything it tied to the exit of the VPN. Your way, I understand my IP is still the exit for the VPN, but now I have another fingerprint somewhere else.

    Norton isn't an option for me. Since I moved away from it yesterday, I haven't had any problems with connection issues with Boleh or any disconnects so far. When I used Norton, I had tons of problems staying connected or not being able to connect at all. In an email from them, they told me they weren't familiar with Norton and to use OpenDNS or Google. It took me a weeks worth of connection issues to figure that one out, including changing so many settings and not knowing where I was that I just rebuilt the system :(

    Anyone, please take notice to this about Boleh. I picked up Norton from suggestions in other threads on this site, and suffered a lot of headaches until I finally figured out this was causing my connection problems. Not to blame anyone at all, it was actually a good learning curve for me in the end of other things I have picked up along the way, but just simple suggestions like this and a noob can be in for a roller coaster ride if they happen to be tweaking other things and not realizing something so simple like this could be the problem. At first, it worked fine for me for a while (couple of weeks) then everything went to hell quickly. If I wasn't on a brand new clean machine, I might have never figured out this was the problem all along. Just passing the advice for all you tech geeks to burn into the back of your brain for later retrieval if needed ;)
     
  12. The Oracle

    The Oracle Registered Member

    Joined:
    Dec 2, 2011
    Posts:
    78
    Yea, I have been static for so long that I forgot to set this on the router yesterday when they told me I needed to use DHCP. I still don't understand why I need to use DHCP on the local network card (not TAPI) and not static, but that is a conversation outside of what I am talking about here I guess.
     
  13. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    It Is Just An Heuristic Thing





    HKEY1952
     
Loading...
Thread Status:
Not open for further replies.