cancel
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
AlistarS
Online Community Manager
Online Community Manager

Re: DNS Hijacking (F@ST 5366)

Hey CHLUI ! 


Dan's still working through this with the device team and they are yet to come back with an update as of yet. I'll forward this on myself to see if we can *bump them to get another update if they have one.


I'll keep you posted or get Dan to post back once he has an update 🙂

chlui
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

Thank you AlistarS

0 Kudos
Reply
vradiazei
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

This is just appalling. Got my new Optus Router (F@ST 5366) and it seems they have gone to the effort of purposefully hijacking our DNS and not giving the option to change it. I refuse to use this router. I'm not sure if you just want to sell our data or it's something imposed by our increasingly authoritarian government, but this has to stop.

Can't wait for DNS over HTTPS to become the norm and for this absolute joke to come to and end. Privacy exists for a reason.

The fact that Optus have also taken months to respond with absolutely nothing in this thread is also a joke.

Sincerely,
A really annoyed Optus customer.

0 Kudos
Reply
Dan_C
Online Community Manager
Online Community Manager

Re: DNS Hijacking (F@ST 5366)

Hey guys.

I’ve been going back and forth with product to try and get a clear understanding of the current state of the GUI (just in in terms of the features that are currently locked) They’ve advised that the bug which was preventing customers from being able to create a DNS redirection entry has been resolved. Now, I’ve been told that a custom DNS cannot be set on a modem level (WAN). Rather, it needs to be setup on an individual device level.

For example, from the Network sharing centre on a Windows 10 PC. As for the reasoning behind this, it’s all related to Network security. For example, cross site forgery attacks or DNS hijacks which would direct all customer traffic to malicious server.

In saying that, we’re actually making an assessment on the benefit of enabling certain features and how best to mitigate any security risks.

------------------------------------------------------------------------------------------------------------------
If you've found my answer helpful, please mark it as a Accepted Solution and be generous with that Kudos button Smiley Happy
0 Kudos
Reply
grantsayer
Occasional Contributor
Occasional Contributor

Re: DNS Hijacking (F@ST 5366)

Hi 

Just got the modem today with connection and noticed this issue. Followed you instructions but found the following:

1. Can locate the DNS Modem settings page

2. The Enable is highlighted

3. Unable to edit the Primary or Secondary DNS servers

It appears the DNS configuration is locked down, which is annoying and not helpful.

 

Tags (3)
R3XNebular
Occasional Contributor
Occasional Contributor

Re: DNS Hijacking (F@ST 5366)

How did you bridge the F@ST 5366 to the Netgear Orbi if you dont mind me asking... Struggling

0 Kudos
Reply
Davelew
Crowd Champion
Crowd Champion

Re: DNS Hijacking (F@ST 5366)

Follow the video instructions 'how to quickly install the Orbi WiFi system' in this link.
https://www.netgear.com/support/product/RBK20.aspx#GettingStarted_CommonTopics

__________________________________________________________________________
I’m a Yes Crowd Champion (not an Optus employee). I share my knowledge on Yes Crowd on a voluntary basis. If I answered your question, please mark it as a Accepted Solution. If I helped you out, hit that Kudos button Smiley Happy
0 Kudos
Reply
carl_e
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

Was just upgraded and now also having the aforementioned issue.

Any progress/solution on this? 

0 Kudos
Reply
Dan_C
Online Community Manager
Online Community Manager

Re: DNS Hijacking (F@ST 5366)

Nothing yet guys.


We've been promised an update as soon as there's been progress, but nothing has come @Ray_YC and I's way.


Again, it's not something that they've guaranteed that they'll be enabling.  Last we heard, they were making an assessment as to whether they'll allow customers to use a customer DNS on modem level. 

------------------------------------------------------------------------------------------------------------------
If you've found my answer helpful, please mark it as a Accepted Solution and be generous with that Kudos button Smiley Happy
0 Kudos
Reply
know1
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

Even if they do update the GUI to allow you to change it it wont make a difference, they are still rewriting packets on the way through the router.

nslookup to 1.1.1.1 from an externally hosted server

[root@vmx111 ~]$ nslookup
> server 1.1.1.1
Default server: 1.1.1.1
Address: 1.1.1.1#53
> eztv.ag
Server: 1.1.1.1
Address: 1.1.1.1#53

Non-authoritative answer:
Name: eztv.ag
Address: 104.31.******

Correctly looks up the cloudflare IP

 

Lookup from PC behind Optus configured F@st 5366

C:\Users\User1>nslookup
Default Server: one.one.one.one
Address: 1.1.1.1

> eztv.ag
Server: one.one.one.one
Address: 1.1.1.1

Name: eztv.ag
Addresses: 52.63.254.107
54.79.120.47
52.65.123.76
52.64.245.147
54.153.213.68
54.252.135.252
13.55.225.248

Points to Aus Gov copyright page IPs.

 

All the google devices rely on talking to Google's DNS servers (8.8.8.8, 8.8.4.4) I've seen various problems when they cant.

I bet Optus fiddling the packets will cause problems for Google devices, amongst others.

Bring on DNS over TLS or DNS over HTTPs
#MakeTheNetGreatAgain

0 Kudos
Reply