
I am not sure when this started but seems AirVPN is now using OpenDNS to manage their DNS.

 

As a result, I am running into websites blocked by OpenDNS. 

 

One such website is www.middleeastjobs77.com, which forwards me to http://phish.opendns.com/main?wc=EWJvEwBmBh9AGxV0ABYCEh8%3D&url=www.middleeastjobs77.com%2Fq-project-management-engineering-jobs-karbala&nref=&w=1920&h=985&ifc=0

 

I would like to emphasize that I do not care about what OpenDNS thinks the website is nor do I care for their review process - I can make up my own mind about what the website is and I can choose to visit it if I wish. I believe AirVPN's culture/attitude has the same feelings as me about this subject, so hopefully steps can be taken to prevent censorship coming in from external sources.

 

For reference, I am on Alkes.


Does it happen with another server?

Which client do you use?

Do you have OpenDNS set on your network config?

Are you getting DNS leakages? Please check it on http://ipleak.net

It seems strange because each server should have its own DNS and I get this:

 

Alkes United States Los Angeles Direct Yes0.06ms Yes200 0.00ms 38s ago


Hello!
 
We do not use and we have never used OpenDNS. We have our own DNS servers which resolve also NameCoin and OpenNIC names and allow you to use Geo-Location routing.
 
OpenDNS is not even compatible with our mission and DNS features of our DNS servers are reported very clearly, in part even in the home page, anyway please see:
https://airvpn.org/specs
 
@6501166996442015
Where in the world did you get the weird, curious, creepy, strange, peculiar, bizarre (ok, enough with the Thesaurus :D ) idea: "but seems AirVPN is now using OpenDNS to manage their DNS."?
 
Kind regards


Well, this is interesting. My DNS definitely isn't leaking, but for some reason I get that openvpn page on more than one machine (using the same access point). Will have to investigate. Sorry for any confusion.


Can you connect to AirVPN using port 53? Because it seems that traffic to that port is redirected to OpenDNS. Does it happen on a cellular smartphone?


Can you connect to AirVPN using port 53? Because it seems that traffic to that port is redirected to OpenDNS. Does it happen on a cellular smartphone?

 

Yes you can connect over TCP or UDP port 53. This page specifies how they provide DNS and the other supported ports.

 

In my case, I am unable to connect over UDP 53. Apparently, my ISP hijacks this port.


Ok, this is strange. It's happening again. ipleak.net shows no leaks, dnsleaktest.com extensive shows I am only connected to server2.lax.airvpn.org.

 

vEx2J2t.png

My ISP does not block any websites, so even if there was some way my ISP DNS was getting in the way I still wouldn't be experiencing this.

OpenDNS is blocking me from accessing things like pornography.

 

HNhwLEx.png
 


Ok, this is strange. It's happening again. ipleak.net shows no leaks, dnsleaktest.com extensive shows I am only connected to server2.lax.airvpn.org.

 

vEx2J2t.png

My ISP does not block any websites, so even if there was some way my ISP DNS was getting in the way I still wouldn't be experiencing this.

 

OpenDNS is blocking me from accessing things like pornography.

 

HNhwLEx.png

 

Maybe it is trying to tell you that you spend too much time on the prons!

Are you sure that none of your hardware is using OpenDNS? Because Air will not block you.


Maybe it is trying to tell you that you spend too much time on the prons!

Are you sure that none of your hardware is using OpenDNS? Because Air will not block you.

 

Lol porn is just the easiest example. It's blocking everything it considers 'malicious,' including certain torrenting websites and such. It's really strange. I think I've narrowed it down to Chrome though, as I'm (currently, at least) not getting the same issue on IE.


Ok now it's happening on a completely separate machine in both IE & Chrome

 

This time doing an extended test with DNSLeakTest.com (with IE) returns ~5 different servers. AirVPN staff, please check if this is normal

 

KveKB7m.png

 

Edit: Also add *.13 to the list

 

VZdZ9ur.png

 

Edit 2: this legal document suggests that 302 Direct Media LLC. is a subsidiary/sister company of OpenDNS inc. http://www.copyright.gov/onlinesp/agents/o/opendns.pdf


I think you have some kind of spyware/malware.

 

Sent from my LG-D850 using Tapatalk

 

This is happening on more than one machine. If it was one machine then I can blame it on malware, but this appears to be something else.


So it happens to any of the airvpn servers you connect to.

 

Sent from my LG-D850 using Tapatalk

 

No, this started when I switched to Alkes. And when I switched to Alkes the only thing I changed was the IP address on my AirVPN ovpn config.


Are all these machines running via the same router?

Does that router use DHCP on the LAN? And if so, what DNS is it offering to your computers?

I quickly read through the thread but didn't see what OS you're on, nor how you're connecting. Without knowing your OS, how you're connecting and if there's a router providing DNS, this is pretty much just a shot in the dark.

 

The only thing I would recommend is pick one of your machines and lock it down a bit more.

 

If not using the client:

- try using a static IP setup, not DHCP

- or set the DNS on the PC manually @ 10.4.0.1 "the air dns servers"

- set up a decent firewall, turn on logging and see what's happening.

If using the client:

- make sure the network lock is on and use the DNS lock option.


 

Are all these machines running via the same router?

Does that router use DHCP on the LAN? And if so, what DNS is it offering to your computers?

I quickly read through the thread but didn't see what OS you're on, nor how you're connecting. Without knowing your OS, how you're connecting and if there's a router providing DNS, this is pretty much just a shot in the dark.

 

The only thing I would recommend is pick one of your machines and lock it down a bit more.

 

If not using the client:

- try using a static IP setup, not DHCP

- or set the DNS on the PC manually @ 10.4.0.1 "the air dns servers"

- set up a decent firewall, turn on logging and see what's happening.

If using the client:

- make sure the network lock is on and use the DNS lock option.

I use Windows 7/8. It's an OpenWRT router configured to use 10.4.0.1 and 10.5.0.1 with self-deployed OpenVPN.

 

There is a second ISP router which provides its own DNS but I'm not connecting to that DNS, and even if there was an ISP DNS leak it wouldn't be blocking me from accessing certain websites (which include random things like Google Cache). 

 

The real curious part of all of this (for me) is that server2.lax.airvpn.org was resolving to 204.194.237.19, which I believe is not an AirVPN server. I believe what is happening is that it's resolving that domain with the aforementioned IP and all the extra DNS servers are coming with it.

 

Edit: I've switched out the router in question and am now using a different one over Sabik instead of Alkes. Hopefully this fixes the issue.


The real curious part of all of this (for me) is that server2.lax.airvpn.org was resolving to 204.194.237.19, which I believe is not an AirVPN server. I believe what is happening is that it's resolving that domain with the aforementioned IP and all the extra DNS servers are coming with it.

 

 

 

Hello,

 

curious indeed... 204.194.237.19 is not an IP address of ours (it seems to be assigned to Direct Media LLC) and server2.lax.airvpn.org is not an existing name. How it was defined on your system and how could it resolve into that IP address remains to be investigated, but only you can do it.

 

Kind regards


I'm thinking your second router is hijacking any DNS requests and forcing them.

 

Sent from my LG-D850 using Tapatalk

 

Need to wait to hear back from him/her after the router switch. It does sound like a router was being used for VPN. In that case there are some questions re how DNS resolution was implemented. I've seen some policy routing setups where LAN clients were routed through the VPN tunnel created by the openvpn client on the router but DNS queries were sent to the router which was in turn querying DNS outside the tunnel. It's better to push to LAN clients via DHCP the actual DNS to use. That way you can be sure their DNS queries are going through the tunnel.


If he is using Comodo CIS or even just the Comodo firewall it could also be a reason. Comodo updates sometimes change the DNS settings to theirs and since v8.0 they have a website security option which is set to on as default. If it is not switched off and you visit a blocked website it won't let you connect.
