Jump to content
TorGuard
  • 0

AT&T hijacking DNS

Rate this question


DrErMER

Question

TorGuard V 0.3.47

Debian jessie

ISP AT&T

 

I can't stop AT&T from hijacking my DNS requests. When I first connect with TorGuard (stop DNS blocking enabled) DNSLeakTest shows various DNS servers depending on what TorGuard server I use. But after a few minutes, anywhere from immediately to 30 mins, AT&T starts hijacking my DNS requests.

 

Any suggestions?

 

Thanks AT&T for you douchebaggery, but there is no reason you need to know what I'm doing. I f'n hate being tracked!

  • Like 1
Link to post
Share on other sites

4 answers to this question

Recommended Posts

  • 0

Okay, DNS was (port 53) was firewalled in the modem. Opening the port seems to have solved the problem.

 

UPDATE: Nope AT&T still hijacking my DNS requests. WTH?

Link to post
Share on other sites
  • 0
Support

Hello


 


You could try set DNS directly at the interface, try editing: /etc/network/interfaces


 


Add this to the bottom:


 


dns-nameservers 104.223.91.194 104.223.91.210


 


Save/Reboot and retest.


 


Regards


Link to post
Share on other sites
  • 0

Okay, if I go into the modem and shut down IPv6 the hijacking of DNS through TorGuard stops. All my other internet traffic on other computers slows to a crawl.

 

Is there a way on linux to force all traffic to go over IPv4? It looks like this is possible with Viscosity but not OpenVPN????

Link to post
Share on other sites
  • 0

Okay, I found a work around for the problem, it's not what I'd call a fix.

 

If I configure grub (GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1") to disable IPv6 then all of my DNS settings (in resolv.conf) are used and there is no DNS leak while TorGuard is running.

 

If I leave IPv6 enabled then AT&T hijacks all of my DNS requests regardless of what my DNS settings are in resolv.conf or whether TorGuard is running.

 

Is there some sort of IPv6 leak in TorGuard??? It looks like TorGuard modifies resolv.conf while running but it's not suppling an IPv6 nameserver and since it comments out all of your configured name servers, any IPv6 request end up susceptible to being hijacked(?). I'm speculating but something is going on and it's making TorGuard leaky on AT&T ISPs.

 

I'd like to get an acknowledgement from an admin that this problem is being looked at.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...