Search the Community
Showing results for tags 'isp'.
19807409 posted a question in VPN Router SupportCheck DNS requests guide (webarchive) In previous guide, I described how to get rid of your ISP or any other service (even TorGuard itself) hijacking your DNS (webarchive) In this topic I will show how you simply can find out what exactly is going on with port 53 which is default DNS port. Requierments HowTo/Wiki/Links Please read about tcpdump usage and how to on github, I will show here one exampe where I do check DNS requests on tun0 which is my openvpn tunnel connected to TorGuard. You can filter the command from the codebox below, but for simplicity, here it is: # tcpdump -vvv -i YOURINTERFACE port PORTNUMBER # Please lookup here for explanation of other options # - https://github.com/the-tcpdump-group/tcpdump tcpdump -vvv -i tun0 port 53 Logfile of test dump (it is long, that is why I'll put it into spoiler, for better overview) This is example of port 53 (DNS requests) when starting a stream on netflix US : (it will run until you stop it, you can do it by pressing CTRL+C on your keyboard) Results Here we received 26 packets and now we have clear DNS requests overview. What did we find? Let's take one line out of this log, this as example: 05:40:20.548149 IP (tos 0x0, ttl 64, id 59800, offset 0, flags [none], proto UDP (17), length 529) b.resolvers.Level3.net.53 > 10.35.0.6.25006: [udp sum ok] 38042 q: A? ipv4_1-lagg0-c158.1.ord001.ix.nflxvideo.net. 1/8/10 ipv4_1-lagg0-c158.1.ord001.ix.nflxvideo.net. [1h] A 188.8.131.52 ns: ix.nflxvideo.net. [3h48m5s] NS pdns154.ultradns.com., ix.nflxvideo.net. [3h48m5s] NS pdns154.ultradns.net., ix.nflxvideo.net. [3h48m5s] NS ns2.p30.dynect.net., ix.nflxvideo.net. [3h48m5s] NS ns3.p30.dynect.net., ix.nflxvideo.net. [3h48m5s] NS pdns154.ultradns.biz., ix.nflxvideo.net. [3h48m5s] NS pdns154.ultradns.org., ix.nflxvideo.net. [3h48m5s] NS ns4.p30.dynect.net., ix.nflxvideo.net. [3h48m5s] NS ns1.p30.dynect.net. ar: pdns154.ultradns.com. [1d19h29m25s] A 184.108.40.206, pdns154.ultradns.com. [16h59m27s] AAAA 2001:502:f3ff::be, ns3.p30.dynect.net. [3h48m10s] A 220.127.116.11, pdns154.ultradns.org. [15h27m14s] AAAA 2001:502:4612::be, ns4.p30.dynect.net. [3h48m10s] A 18.104.22.168, ns2.p30.dynect.net. [3h48m10s] A 22.214.171.124, pdns154.ultradns.net. [1d3h48m5s] A 126.96.36.199, pdns154.ultradns.net. [2h55m55s] AAAA 2610:a1:1014::be, pdns154.ultradns.biz. [15h27m14s] AAAA 2610:a1:1015::be, ns1.p30.dynect.net. [3h48m10s] A 188.8.131.52 (501) Basicly, all lines do the same if you take closer look, when you press play button on your browser, netflix does contact these servers on port 53. Choosen line in more understandable format Please do not think that preventing netflix to make this check (dns request) will help you with their service, this is not enough. But if you need to redirect anything, then this is how to get required information or simply to log your network. If there are requests, I'll write you a gui for Luci in openwrt where you can make these tests or whatever could be the goal of the requested app. You are free to discuss about your (or my ) results, check your ISP's and if you are conform with anything, well, listening to people on internet is not good, trying it out and doing yourself is good. At the end, whatever you want to do, you can automate it, ie. redirecting all these requests to your StreamIP (lol , this would have worked until the last crackdown but not anymore). Other services still work with that and there are plenty of streaming services. However, its good to know what your network does, at least on important ports like D Hope my terrible english is good enough for writting guides, but sorry for typos or some strange expressions.
I have posted already how to prevent hijacking of your DNS by your IP. There are some ISP's like Verizon, T-Mobile, ... which do send all traffic over port 53 (yes, they hijack your DNS), regardless of which DNS servers you use. Here is how to get rid of that and redirect it to some another address with help of iptables instead editing dnsmasq in WebIF (which is still my preferable solution for most tasks), in this example I'll redirect all dns requests to my custom dns server, to lan1 in this case, which is my local DNS Server Openwrt (I think ddwrt should work too, but I did not test it on ddwrt but basicly it should be the same, just check the names of devices) iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1 On openwrt and other releases, switch on masquerading, it is required. Now a question to TorGuard, do you/can you offer alternative ports for those who maybe can't use first method described, neither this second solution. To find out what is going on through your DNS port, read here.
Torguard is no longer unblocking torrent sites in the UK on Sky Broadband (ISP). Trying to access these sites takes you too the page: "SKY. Access Blocked. Sorry, this web site is not available through your service provider. We are required by Court order to prevent access to this site in order to help protect against copyright infringement." Which is what you would get if you are not connected to a VPN. However I can no longer reach the sites when connected to Torguards VPN. This only began a few days ago (from the date of this post) as far as I am aware. I don't know if I could access it through the stealth servers, as I never seem to be able to connect to them. Is anyone else on Sky Broadband in the UK having this issue? Does the ISP have a new way to combat VPN's or am I leaking information? Thanks.
Hello, I subscribed your 1 month VPN service and I'm doing some tests to see if I will subscribe the annual plan. But before that I need to know some things. I thought that with the VPN service I would hide my traffic form my ISP service, but I'm seeing in the ISP web page that the downloaded data still counts. Is there anything that I need to configure, or use some other apps to hide the traffic from my ISP, or is that not possible? Another question, which is the best server that I should choose, does it make any sense a server form my own country? or the nearest? Thanks Best Regards ASilva