Taken to random websites when clicking on links

mof · April 28, 2015, 3:39pm

My girlfriend was browsing the web last night on this wireless connection and clicked my Google home page, only to get the ‘‘Untrusted site’’ page. I then went to yahoo.com and clicked on the youtube link only to be taken to some iranian website.

Clicked on another websearch link and it took me to a totally different website. Did an AV scan - all clean. Did an MBAR scan - all clean. I checked my connection info and it said ‘‘Unidentified Network’’. It’s now back to my normal connection name with everything working fine.

There’s 2 routers in the place i’m staying. Since they put the 2nd router in i quite often have to turn off both routers to get a wireless connection.

Had one of those ‘‘Another computer on this network has the same IP address as this computer’’ pop ups today.
I’m staying in a hotel in SE Asia, and the 2nd router was put in as the signal from the original was poor. Just checked my DNS number and its the following : 156.154.70.22
Did a google search and i think thats the old Comodo free DNS???
Was my DNS hacked for a short while?

Any ideas what this could be?

Thanks

mof · April 28, 2015, 4:20pm

So it looks as though 156.154.70.22 is a Comodo DNS server.

Is the new DNS Comodo number the most secure?

captainsticks · April 29, 2015, 11:41am

Hi mof,
Sorry I am not sure why you are being redirected to random sites.

The quote below is my understanding of Comodo Secure DNS settings and I expect the newer settings to be more secure.

Kind regards.

captainsticks post:17:

Thanks Buket,
So my understanding is as follows.
Previous Comodo Secure DNS = 156.154.70.22/156.154.71.22.
Current Secure DNS = 8.26.56.26/8.20.247.20
This can be checked using the following link, if you are using the correct settings you should see the active Secure DNS page. (See screenshots)
http://welcome.dnsbycomodo.com/

If you had previous versions (5.x) installed and selected Secure DNS during installation, you would have activated the old settings.
Uninstalling previous versions (5.x) does not revert your settings back to default, so therefore the old settings remain.
If you had a previous version (5.x) installed and selected Secure DNS during installation then updated to the current version not Selecting Secure DNS, then the old DNS settings would remain.
With the current version if you selected Secure DNS during installation, you would have activated the new settings.
Uninstalling the current version reverts your DNS settings back to default.

I hope my understanding is correct and that it helps clear up some issues regarding the two different settings available.

jebuchanan · April 29, 2015, 8:28pm

I selected to use Comodo’s Secure DNS during installation (Clean install, v8.2), clean install of Windows 7.
I just checked the DNS the computer is using.
156.154.70.22/156.154.71.22.

This above link says I am not on secure DNS.
So, what am I connecting to?

These above IPs are the servers 8.2 set up on this computer (clean Windows install, clean CIS install).
If 8.2 is using old servers, then this is a serious bug that needs be remedied asap.

8.26.56.26/8.20.247.20 as I understand it, is what CIS should have set up on here, correct?

Edit.
I’m at a loss. Even after changing the DNS (IPv4) to the new numbers and rebooting, I am still being told I’m not using Secure DNS.
What is wrong here?
Have reset to the original servers CIS set up.

Edit 2
I am currently using an Eastlink Motorola router. I am not about to change their router’s DNS server settings in case this router ends up with another user that doesn’t want their sites blocked/filtered.

SanyaIV · April 29, 2015, 9:12pm

Try running the extended test of https://www.dnsleaktest.com/ if it shows Comodos DNS then it’s set up fine, if it shows your ISPs DNS then they might “hijack” the DNS request, although I don’t think ISPs usually do that.

Edit: Or maybe http://welcome.dnsbycomodo.com/ is borked.

jebuchanan · April 29, 2015, 9:29pm

I believe it is using the servers listed in the router.
I’ve run the test 3 times.

captainsticks · April 30, 2015, 12:00am

John Buchanan post:4:

I selected to use Comodo’s Secure DNS during installation (Clean install, v8.2), clean install of Windows 7.
I just checked the DNS the computer is using.
156.154.70.22/156.154.71.22.

This above link says I am not on secure DNS.
So, what am I connecting to?

These above IPs are the servers 8.2 set up on this computer (clean Windows install, clean CIS install).
If 8.2 is using old servers, then this is a serious bug that needs be remedied asap.

8.26.56.26/8.20.247.20 as I understand it, is what CIS should have set up on here, correct?

Edit.
I’m at a loss. Even after changing the DNS (IPv4) to the new numbers and rebooting, I am still being told I’m not using Secure DNS.
What is wrong here?
Have reset to the original servers CIS set up.

Edit 2
I am currently using an Eastlink Motorola router. I am not about to change their router’s DNS server settings in case this router ends up with another user that doesn’t want their sites blocked/filtered.

Hi John,
I agree that CIS version 8.2 should be using the new settings.
I will have PMed the Staff member that I have had some interaction with in regards to the DNS settings.

Kind regards.