OpenDNS blocking common sites? (Syrian Electronic Army?)

Discussion in 'privacy problems' started by JackmanG, Aug 30, 2013.

Thread Status:
Not open for further replies.
  1. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    I just noticed this today, but a lot of popular websites are now blocked by OpenDNS...

    BankofAmerica.com (all their domains, actually)
    Mozilla.org
    HuffingtonPost.com
    TechCrunch.com
    Starbucks.com...

    Even TomsHardware.com

    I have to assume it has to do with this:

    Companies rush to lock Web domains after 'NYT' hack

    It looks like pretty much every site on that list is now unreachable if you attempt to go through OpenDNS.


    ::EDIT::
    OpenDNS blog:

    High Profile Domains Under Siege
     
    Last edited by a moderator: Aug 30, 2013
  2. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    Okay it's now gotten ridiculous. The Internet has been virtually crippled.

    What's weird is that blog post from OpenDNS was from at least 3 days ago...but I'm only now experiencing blocks.

    And their Twitter accounts from that day make it sound like they had a total handle on the situation, and were rerouting their users to the proper locations (and avoiding the bad nameservers).

    But now nearly every site I attempt to visit is just blocked. You name it. Google, Yahoo, and random urls I just make up seem to be the only ones that work. (And oddly enough, nytimes.com works.) But everything else is blocked. Everything. Even this one.

    The only way I can get anywhere is by switching DNS.

    Anyone else having this issue? (I suppose if you're reading this, you either don't use OpenDNS or switched it off already)
     
  3. guest

    guest Guest

    Using Norton DNS here and I can open all the websites you listed. Hmm, OpenDNS went overboard? :doubt:
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    -http://www.ccc.de/ is working just fine.
     
  5. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    Well sure, if you're using a different DNS, I would expect those sites would work. As I said, even this site, wilderssecurity.com is blocked with OpenDNS (meaning I obviously am able to access it by switching to another.)

    I'm asking if anyone else has replicated the same issue...as in, use OpenDNS and not be able to visit nearly any popular site. I'm not sure what Norton has to do with this.

    I don't get it. Do they provide DNS services?
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    I'm not experiencing any visible blocking of the websites mentioned here in a clean virtual machine with no OpenDNS account. Interestingly, ccc.de doesn't load when using OpenDNS.
     
  7. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    ...but you're using OpenDNS nameservers?
     
  8. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  9. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    :blink: Wilders have never been blocked by OpenDNS anytime during the 5 years I have used them :doubt:

    And not today either as I write this message using OpenDNS.
     
  10. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Yes, they do. Their DNS server is on JonDoNYM's list of censorship-free DNS servers -https://anonymous-proxy-servers.net/wiki/index.php/Censorship-free_DNS_servers
     
  12. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    You, or someone else on your network, has setup on OpenDNS account. They have then added your IP address to that account and selected the option to block software & forums. This much is obvious from reading your screenshot.

    No one else here is experiencing the same issues because A) we don't have an OpenDNS account or B) we have not opted into blocking software and/or forum websites.
     
  13. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Yes exactly, if he would at least untick the "forum & message" category he would be able to get onto Wilders anyway, but I would untick both categories.

    I still wonder if it was him, or anyone else that activated these hmmm...since he doesn't seem to be aware about it :doubt:
     
  14. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    I think what happened is I changed IPs...

    I've never bothered to sign up for an OpenDNS account. If that's how it works, and all you do is set up an account and it ties to that IP, it seems like a pretty nasty trick you could play...setting up accounts on a bunch of IPs, and then if someone else ever happens to get assigned one, they won't be able to use OpenDNS.

    Is there some kind of guard to prevent this?
     
  15. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    You can't manually enter an IP, only update to your current IP, but I believe that an IP never expires.

    So if someone else with a dynamic IP updates it, but then has their IP changed, that old IP will never expire unless they update to their new IP.

    The only workaround is to make an account and use the OpenDNS updater, or turn off your modem for a few minutes to force a new IP.
     
    Last edited: Sep 1, 2013
  16. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    Ah, so if you ended up getting assigned an IP that was already associated with someone else's OpenDNS account, you could just log in to your own account and associate the IP you're on with your own account and regain control?
     
  17. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    This should not be able to happen, this means that the old "IP Owner" had these categories blocked, then you got this IP and now you also have them blocked.

    It shouldn't work like that, and i'm pretty sure it doesn't. If you haven't created an account that you login to on OpenDNS.com theres no way afaik you can chose what categories to block, except the default phishing protection you get when using OpenDNS without an account.

    Even if you are using the OpenDNS IP's for the "Family Shield" these categories are not included.

    Interesting story this :)
     
  18. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Yep that should work.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    So, if I'm using some VPN exit, or even a Tor exit, can I create an OpenVPN account associated with that shared IP address?

    That would be seriously messed up!

    Maybe I'll try it ;)
     
  20. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    That's what I'm saying. I never had a need to actually set up an account, I just use their nameservers. So I wasn't familiar with that.

    As far as I can tell, the only reason you'd want an account is if you wanted to institute restrictions on the surfing that takes place on your network (e.g. blocking sites you don't want your kids to visit).

    But if all someone has to do is setup an account (or sign in to their existing account) with the IP, and they are then able to easily update the association to gain control of the OpenDNS settings for that IP, then I suppose it's no big deal.

    If you get assigned an IP that someone has already associated with an OpenDNS account, obviously the average lay person is most likely going to be using their ISP's nameservers, so they wouldn't be affected anyway...and anyone who did use OpenDNS would likely either know enough to change the settings, or at least attempt to log in to their account and see what was going on.

    At the very least I would figure someone in that situation would contact the company or ask somewhere and determine what happened, as I did here.

    The main thing is just having a way to regain control of the restrictions. As long as you are able to do that, it really doesn't matter.
     
Loading...
Thread Status:
Not open for further replies.