1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Dismiss Notice

change of dns server nullifies dns hijack, is bsnl server affected

Discussion in 'BSNL Mobile' started by rajujayaraman, May 23, 2017.

  1. rajujayaraman

    rajujayaraman Newbie

    Joined:
    Mar 6, 2012
    Messages:
    16
    Likes Received:
    0
    Hi, it is needless to describe more as it would seem that it is having anything to do with router instead of dns servers.
    Strange.
    When i scanned with a router security program, the test shows, dns hijack and also the hijacked domains are vk.com and yandex.ru. I think probably the router app, would be scanning for possible attackes . When i scan with the dhcp enabled, to obtain dns address automatically, it shows dns hijack vulnerability with a word to the effect, that it is already hijacked and gave me the solution to change the dns server to google or open dns.
    i just changed and done nothing and scanned again. Now there is no vulnerability found by the app. So, by changing the dns server if the attack is nullified, it denotes there is something security loss in default dns server, that is probably the bsnl dns server,
    Moreover nslookup google com lists the dns server of mine as unkown dns server with out any name and configuration of specific dns as given as domain.name .
    I am concerned with this because, if the dns server is compromized with hijack the attacker would not only would have hijacked my router alone.
    i have changed the dns server to google as i do not want any rogue dns diverting my internet accesses.
    i do not know how to bring to the notice of my service provider, as always it is not connection problem, but security problem. hope some experts would advise me, if it is possible to attack a default server?
     
  2. TechieTechie

    TechieTechie New Member

    Joined:
    Oct 12, 2017
    Messages:
    1
    Likes Received:
    0
    Hope had a chance to report back to service provider. Any response for correcting it. I believe their default gateway is compromised. I tried all levels to explain the problem, but none even seems to be aware of the dns hijack. If any permanent remedial measures known, please do share.