How can I tell if my ISP is redirecting my DNS queries?


Solution 1

Call them and ask?

From a thread on the OpenDNS forums (dated Feb. 2010):

I spoke with Sprint today.

Here is what the guy I spoke with on the phone told me.

"Yes, Sprint is redirecting DNS on port 53" (obviously we, at OpenDNS, know this) "yes, even for static accounts."

Apparently there may be a firmware upgrade for your Sprint device that allows OpenDNS usage, according to a linked PDF from Sprint in that same message.

Solution 2

There are different ways to check if your ISP is using a transparent DNS proxy. It depends on how your ISP has implemented it. My ISP redirects all port 53 requests to their own recursive DNS server (they don't serve advertisements on NXDOMAIN though; maybe they use it for logging or to prevent DNS tunneling). I will mention some general ways to detect it.

  1. The easiest method is to use the Netalyzr Android app or Google's Namebench Windows software. They will inform you if your ISP is using a DNS proxy. You don't need any technical knowledge for this.

     [screenshot: Namebench]

  2. Perform a DNS lookup against an authoritative nameserver and check if the reply is authoritative. For this example I will use dig; you can also use nslookup. If the reply is authoritative, dig will display the aa flag in the reply. Now, a.ns.facebook.com is the authoritative NS of fb.me. If your ISP intercepts and redirects the request, you won't get an authoritative reply.

         dig @a.ns.facebook.com fb.me

     [screenshot: dig against the authoritative NS; the left one's ISP doesn't intercept DNS]

  3. Specify an IP address where no DNS server is running as the DNS server while performing dig or nslookup. You will still receive a reply if your ISP intercepts your request. Otherwise you will get a timeout.

     [screenshot: dig with a wrong server; the right one's ISP intercepts and redirects requests]

  4. Use nmap on random IP addresses. You will always see port 53 open if your ISP redirects all port 53 requests.

  5. Change your computer's network settings and use the Google Public DNS, OpenDNS or Cloudflare DNS IP (use one provider at a time). Then go to the DNS Leak Test website and see whether any other provider appears.

Bypassing this ISP interception is not hard. You need to use DNSCrypt/DNS over TLS, or use any DNS server which runs on a non-standard port (e.g. 5353 or 443). In the second method, you have to use your router or computer firewall to redirect outgoing DNS queries to those ports. Discussing these methods in detail is out of scope for this post.
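As an added example (not part of the answer above), the following Python script performs the same two checks the answer runs with dig: send a raw query to the zone's authoritative server and look for the aa flag in the reply, then send one to an address that runs no DNS server and see whether anything answers at all. It assumes a.ns.facebook.com is still the authoritative NS for fb.me, as stated above, and uses 192.0.2.1 (TEST-NET-1 documentation space) as the address where no DNS server runs.

```python
import socket
import struct
from typing import Optional

def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Standard A query with RD=0: an authoritative server answers it directly."""
    header = struct.pack(">HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(resp: bytes) -> dict:
    """Pull out the header bits that distinguish an authority from a resolver."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack(">HHHHHH", resp[:12])
    return {
        "id": txid,
        "qr": bool(flags & 0x8000),
        "aa": bool(flags & 0x0400),   # authoritative answer (dig's "aa" flag)
        "ra": bool(flags & 0x0080),   # recursion available: a resolver, not an authority
        "rcode": flags & 0x000F,
        "answers": an,
    }

def classify(resp: Optional[bytes], expect_server: bool) -> str:
    """expect_server=True: the target is the zone's authoritative server.
    expect_server=False: the target is an IP where no DNS server runs."""
    if resp is None:
        return "timeout" if expect_server else "no reply: query was not intercepted"
    if not expect_server:
        return "INTERCEPTED: got a reply from an address that runs no DNS server"
    h = parse_header(resp)
    if h["aa"]:
        return "direct: reply is authoritative (aa set)"
    return "INTERCEPTED: non-authoritative reply (ra=%s, rcode=%d)" % (h["ra"], h["rcode"])

def query(server: str, name: str, timeout: float = 3.0) -> Optional[bytes]:
    """Send one UDP query to server:53; None means nothing answered in time."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        try:
            return s.recvfrom(512)[0]
        except socket.timeout:
            return None

if __name__ == "__main__":
    # The same two checks the answer runs with dig. 192.0.2.1 is TEST-NET-1
    # documentation space (assumed here), so no DNS server should answer from it.
    print(classify(query("a.ns.facebook.com", "fb.me"), expect_server=True))
    print(classify(query("192.0.2.1", "fb.me"), expect_server=False))
```

A non-authoritative reply from the authoritative server's address, or any reply at all from 192.0.2.1, means something between you and the Internet is answering port 53 on the server's behalf.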


Author: Nack

Degree in Computer Engineering 1993, been programming or leading teams of programmers ever since.

Updated on September 17, 2022

Comments

  • Nack
    Nack almost 2 years

    I've attempted to use some DNS services like OpenDNS, and no matter what I do the DNS queries don't return the expected results. Watching the packet traffic on my firewall, I can see the queries go out to the intended DNS server address and responses coming back, but the results are not as expected, for example, the OpenDNS test page always fails even though the requests appear to be going to their servers.

    I suspect my ISP is intercepting DNS queries and sending them to their own servers. Is there a way to verify this? Is there something else I might be missing? I'm using 3G wireless service from Sprint.

    • uxout
      uxout over 13 years
      FYI, it may be against the terms of service on a wireless agreement to use different DNS! You should check.