Jump to content
TorGuard
  • 0
Sign in to follow this  
DrErMER

AT&T hijacking DNS

Rate this question

Question

DrErMER

TorGuard V 0.3.47

Debian jessie

ISP AT&T

 

I can't stop AT&T from hijacking my DNS requests. When I first connect with TorGuard (stop DNS blocking enabled) DNSLeakTest shows various DNS servers depending on what TorGuard server I use. But after a few minutes, anywhere from immediately to 30 mins, AT&T starts hijacking my DNS requests.

 

Any suggestions?

 

Thanks AT&T for you douchebaggery, but there is no reason you need to know what I'm doing. I f'n hate being tracked!

  • Like 1

Share this post


Link to post
Share on other sites

4 answers to this question

Recommended Posts

  • 0
DrErMER

Okay, DNS was (port 53) was firewalled in the modem. Opening the port seems to have solved the problem.

 

UPDATE: Nope AT&T still hijacking my DNS requests. WTH?

Share this post


Link to post
Share on other sites
  • 0
Support

Hello


 


You could try set DNS directly at the interface, try editing: /etc/network/interfaces


 


Add this to the bottom:


 


dns-nameservers 104.223.91.194 104.223.91.210


 


Save/Reboot and retest.


 


Regards


Share this post


Link to post
Share on other sites
  • 0
DrErMER

Okay, if I go into the modem and shut down IPv6 the hijacking of DNS through TorGuard stops. All my other internet traffic on other computers slows to a crawl.

 

Is there a way on linux to force all traffic to go over IPv4? It looks like this is possible with Viscosity but not OpenVPN????

Share this post


Link to post
Share on other sites
  • 0
DrErMER

Okay, I found a work around for the problem, it's not what I'd call a fix.

 

If I configure grub (GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1") to disable IPv6 then all of my DNS settings (in resolv.conf) are used and there is no DNS leak while TorGuard is running.

 

If I leave IPv6 enabled then AT&T hijacks all of my DNS requests regardless of what my DNS settings are in resolv.conf or whether TorGuard is running.

 

Is there some sort of IPv6 leak in TorGuard??? It looks like TorGuard modifies resolv.conf while running but it's not suppling an IPv6 nameserver and since it comments out all of your configured name servers, any IPv6 request end up susceptible to being hijacked(?). I'm speculating but something is going on and it's making TorGuard leaky on AT&T ISPs.

 

I'd like to get an acknowledgement from an admin that this problem is being looked at.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×