Something keeps changing DhcpNameServer

Discussion in 'privacy problems' started by zenapp, Jan 5, 2014.

Thread Status:
Not open for further replies.
  1. zenapp

    zenapp Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    9
    Hi

    I have the network and connection sharing centre with all network adapters clear of any dns settings.

    I noticed firewall requests to 8.8.8.8 so checked in the registry and its showing

    TCPIP DhcpNameServer as 8.8.8.8 8.8.8.4

    I would prefer to use OpenDNS so adjusted. I found it in the registry elsewhere too so changed it there also.

    On reboot it keeps reseting itself back to the old settings with 8.8.8.8 etc

    Can someone tell me how to capture what it is forcing google dns on a reboot.

    Thanks Zen
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,103
    If you can login to your router as admin (assuming you know the password), you can look around and determine if it has the default DNS settings that you have identified. If so, you can change them to be OpenDNS.

    -- Tom
     
  3. zenapp

    zenapp Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    9
    Interesting

    Would it be the BT home hub or the Cisco router attached that supposedly provides me the security and firewall and VPN?

    Thanks
     
  4. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,103
    I would suspect the Cisco router as the primary candidate unless proven otherwise, as it would be the outermost device connected to the Internet, whereas the BT home hub would be in between the router and each home computer accessing the Internet. If it is the case that BT supplied the router, thus implying a default BT configuration, and the BT home hub is not running a DNS server on its equipment, then the Cisco router is surely the culprit. If, however, you purchased the Cisco router independently of the ISP provider and did not make any changes, it may be the case that it is setup by default to use the 8.8.8.8 DNS servers (from Google), or that that is the ISP default setup.

    If you don't know the router's default password (there is a long list of router default passwords published on the Internet) you could always ask your ISP provider's technical support crew for that information, and ask how long the password field is in terms of bytes which represent characters, and which character sets are allowed vs not allowed in the password field, e.g. alphanumeric, special characters. After you have successfully logged into your router, you should then run a password generator on your computer in another Terminal window, write down the generated password, and change the admin password on the router for the appropriate length. Then search for the DNS settings in the router's configuration and change them accordingly. Don't forget to write down the new admin password to the router, and put it in a safe place such as not to lose it when needed in the future.

    The only other cause of what you are experiencing would be if either the Cisco router and the BT hub are not involved in setting the DNS servers - in which case, your home OS is the culprit and it would be to be reconfigured to use the OpenDNS servers as you would like - but, first I would (in that situation) determine if the Cisco router has (very likely) DNS server settings that can be modified in its configuration (which would override any configuration setup in the OS).

    Note: When I asked my router's admin password length, the technical person I was talking to mis-informed me claiming it was 20 characters in length, after I had borked the changed password by trying to give it a 16 character length password. This was after my ISP changed all user passwords remotely to the Serial Number of each device which was a 14 character password. I had to reset the router to its default state, and then login using the serial number, and changed to a new password with the same length as the serial number. You, of course, have a different ISP than I.

    You should read the thread entitled Report accuses BT of backdooring domestic routers, and if it is possible to determine the ports involved, by all means close down those ports, or try to purchase your own router that is compatible with DD-WRT and/or Tomato firmware that you can configure yourself. If you do manage to close down the involved ports, test your changes by rebooting the router and re-logging into it, to see if your changes survived the reboot - otherwise, you must choose the alternate router path to be free of these nettlesome problems IMHO.

    Edit:
    Default Router Passwords - The internet's most comprehensive router password database. Just type in the manufacturer of your router in the Select Router Make field, and click on the Find Password button. If your router is not mentioned in the search results, just search for "router default passwords" in your favorite search engine to get a list of websites that many have more up-to-date information.
    End Edit

    -- Tom
     
    Last edited: Jan 6, 2014
Loading...
Thread Status:
Not open for further replies.