OpenDNS randomly started blocking sites today...

SteveDeFacto · 2013-10-24 18:09:00

I have been using OpenDNS for months now and it has worked flawlessly. I have no idea why but suddenly out of no where OpenDNS started blocking a bunch of sites for no reason. I can use Google DNS just fine. Why is this happening?

EDIT: I did a bit more testing and it seems to be a combination of my VPN with OpenDNS. I can use either one alone just fine. I have been using both together for months now without a problem. Could my VPN host actually be blocking certain sites with OpenDNS? (note I am using DNSCrypt but plain OpenDNS also blocks sites)

EDIT2: Only change this correlates to is me installing windows on a second hard drive but I had my linux hard drive unplugged during install.

Last edited by SteveDeFacto (2013-10-24 19:27:19)

HiImTye · 2013-10-24 22:53:45

do the sites fall in a specific IP range? I had some issues before when I was on Lubuntu where network-manager had misconfigured my static IP to use the wrong mask preventing my access to any website that started with 192.
http://ubuntuforums.org/archive/index.p … 57333.html

of course, if you're using DHCP that's obviously not the issue

fukawi2 · 2013-10-25 01:06:40

Moving to Networking, Server and Protection.

SteveDeFacto · 2013-10-25 04:59:10

Alright, I know what is going on now but I am a bit disturbed. Someone has signed up the IP address of the VPN server with the OpenDNS dashboard. By doing so they are able to collect stats, view all domains users have visited, and block sites... I doubt this person is the company providing the VPN server as I just signed up my home IP without any trouble. I know not what extra features the $20 plan offers but I would not be surprised if it allows redirecting domains as I have been redirected to sites which my plugins have detected as malicious...

I don't see how anyone can safely use OpenDNS unless they have control of the OpenDNS dashboard for that IP? I am confused about why no one points this out when they talk about using a VPN and OpenDNS?!

Last edited by SteveDeFacto (2013-10-25 05:00:23)

fukawi2 · 2013-10-25 06:50:28

I'm surprised, yet at the same time not surprised, that OpenDNS don't have any kind of verification around this, although I guess it wouldn't really be possible to verify who "owns" the VPN end-point IP Address since any of your VPN providers customers would be able to generate traffic from that IP, thereby demonstrating "ownership".

I really do not like OpenDNS and advised against using them, here's another (somewhat obscure) reason.

I see 2 solutions:
1) Upgrade your VPN to have you own dedicated end-point address (this may somewhat invalidate your reason for using the VPN though).
2) Contact your VPN provider, explain the issue to them and ask them to contact OpenDNS. They may be able to cancel the account and blacklist anyone else from making an account in future with their IP ranges given the circumstances.

SteveDeFacto · 2013-10-25 07:15:22

fukawi2 wrote:

I'm surprised, yet at the same time not surprised, that OpenDNS don't have any kind of verification around this, although I guess it wouldn't really be possible to verify who "owns" the VPN end-point IP Address since any of your VPN providers customers would be able to generate traffic from that IP, thereby demonstrating "ownership".
I really do not like OpenDNS and advised against using them, here's another (somewhat obscure) reason.
I see 2 solutions:
1) Upgrade your VPN to have you own dedicated end-point address (this may somewhat invalidate your reason for using the VPN though).
2) Contact your VPN provider, explain the issue to them and ask them to contact OpenDNS. They may be able to cancel the account and blacklist anyone else from making an account in future with their IP ranges given the circumstances.

Do you know of any other encrypted DNS solutions?

nomorewindows · 2013-10-25 14:14:26

Might help to do a traceroute to see where it is going.

SteveDeFacto · 2013-10-26 12:47:38

I'm going to post my findings for other VPN users. I think TorDNS with dnsmasq is the best solution

mex4150 · 2015-06-22 03:50:37

Yes this is very disturbing. Anyone can register an entire network, I assume even Class A, and then they control that network. Where I live its a shared network connection, so someone registered the entire network of the internet provider as their own, placed OpenDNS as the DNS in the router, and is happily spying on what everyone does on the internet, and then gleefully blocking sites at will. This alone makes OpenDNS a completely useless service. It should not be possible that someone can register public IP's ranges of ISP providers, and then spy on the users of that network at will, or at least anyone that happens to be using OpenDNS, and then make their own block lists. Very bad system.

ewaller · 2015-06-22 04:00:40

After almost two years, I think this thread is done. Closing.
https://wiki.archlinux.org/index.php/Fo … bumping.22

Arch Linux

#1 2013-10-24 18:09:00

OpenDNS randomly started blocking sites today...

#2 2013-10-24 22:53:45

Re: OpenDNS randomly started blocking sites today...

#3 2013-10-25 01:06:40

Re: OpenDNS randomly started blocking sites today...

#4 2013-10-25 04:59:10

Re: OpenDNS randomly started blocking sites today...

#5 2013-10-25 06:50:28

Re: OpenDNS randomly started blocking sites today...

#6 2013-10-25 07:15:22

Re: OpenDNS randomly started blocking sites today...

#7 2013-10-25 14:14:26

Re: OpenDNS randomly started blocking sites today...

#8 2013-10-26 12:47:38

Re: OpenDNS randomly started blocking sites today...

#9 2015-06-22 03:50:37

Re: OpenDNS randomly started blocking sites today...

#10 2015-06-22 04:00:40

Re: OpenDNS randomly started blocking sites today...

Board footer