What dns numbers are correct ???

Hello !

When i look at secure dns homepage they say this 8.26.56.26 and
8.20.247.20.

But my computers use 156.154.70.25 and 156.154.71.25

What is the correct to use ???

Thank you for helping…

1 Like

When you install Comodo internet security premium 8.0.0.4344, it sets the following dns servers : 156.154.70.22 and 156.154.71.22. I don’t know if they are ok to use or if the new ones better. I would also really like to know… Any comment on this from COMODO staff would be well appreciated.

1 Like

This is a bit old, but I just had the same problem! Zemana anti-malware scanner detected it as a DNS Hijack, fixed it, then I manually set the DNS to 8.26.56.26 and 8.20.247.20. 156.154.70.25 and 156.154.71.25 say they are from Neustar, but I also see forums saying it is Comodo…Really strange.

I was having issues with some sort of DNS errors re-directing to Barefruit LTD (what happens when you mistype address, etc. and see advertising), but coming from SYSTEM, Windows Operating System, and I think some applications…different protocols, ports- seemed strange. After Zemana anti-malware’s repair, they all stopped using the perhaps old 8.2* comodo DNS address. Now I am worried that the 156* comodo addresses were maybe blocking some traffic to malware site, that is now enabled (hence no DNS errors and no Barefruit traffic).

It would be really helpful if Comodo would comment on this, because knowing the addresses to use is pretty basic. For now, I am switching it all to Norton DNS because I am a little concerned that it is so chaotic with Comodo (the comodo DNS website gives instructions for only XP and Vista, which may be the last time they updated the malware domains for that DNS : )

1 Like

Comodo used Neustar DNS in the past. Barefruit is a commercial service that

generates highly targeted traffic for ISPs by replacing DNS and HTTP errors with relevant advertising.
Does this redirect happen when using the DNS server in the 8.x.y.z or the 156.x.y.z range?

If I understand things correctly then the DNS server addresses in the 8 range are the most recent ones.

1 Like

I contacted Neustar, asked about the published 8.* IPs versus the 156.* IPs they say:

Comodo uses our recursive services to filter malicious content. So they might publish the IPs you listed for their customers but our servers handle the load. You can opt out of our DNS by using another public provider (Google, Verizon) or our non-filtered service at 156.154.70.11 and 156.154.71.11.

So, 156.154.70.22 and 156.154.71.22 are Neustar/UltaDNS and 8.26.56.26, 8.20.247.20 are Comodo, but still use Neustar/UltaDNS?

I had the redirect traffic only when using the 156.154.70.22 and 156.154.71.22, which were installed with CIS. It seems strange that the latest versions are using the old IPs, unless I understood the Neustar response and they are kind of the same. I also don’t understand why the redirect traffic stopped after Zemana anti-malware fixed the ‘hijack’ and I manually set to 8.26.56.26, 8.20.247.20. I am using Norton for now and still not receiving these.

A separate issue is why my system is contacting blocked links…but I am not sure how to figure this out, so I guess I really need the DNS filtering to work ???

1 Like

It has been noticed that there is a inconsistency over products about using what DNS servers. Captainsticks has escalated the question to Comodo. We’re still awaiting an answer.

I also don't understand why the redirect traffic stopped after Zemana anti-malware fixed the 'hijack' and I manually set to 8.26.56.26, 8.20.247.20. I am using Norton for now and still not receiving these.
Logic tells me that Neustar has a contract with Barefruit.
A separate issue is why my system is contacting blocked links...but I am not sure how to figure this out, so I guess I really need the DNS filtering to work ???
Please start a separate topic this. That your problem will get the undivided attention it deserves and this topic won't divert.
1 Like

Are there any news about that?. I have been using 156.154.70.22 and 156.154.71.22 because I cant bypass malware alert, when i think it is a false alarm, using 8.x.x.x, it doesnt works.

1 Like

It’s November 2024 and this still exists.
Comodo DNS are replaced by neustar DNS when you uninstall Comodo CIS Pro…

Without warning or notice