cancel
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Strider365
Occasional Contributor
Occasional Contributor

Re: DNS Hijacking (F@ST 5366)

think its important to list the Firmware you are testing with

I'm currently on last 3 digit 125

and it is allowing client windows 10 devices settings to pass through.

However the modems DNS handling sucks so bad...

if you dont need this modem for the phone Replace for a fix

 

Spent 3 call with Optus techs denying anything is issue

 

 

 

0 Kudos
Reply
fester13131
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

 

Guys - Optus lock down your the DNS for two reasons , 1) is security and 2) It saves them bandwidth not having to ask external DNS servers .

The router packet sniffing will be able to see DNS type packets and redirect them to Optus DNS servers.

What you can do is install DNScrypt  DNS application on one of your servers and then point your other hosts to that one . That will make encrypted DNS queries out through the Optus router which it wont be able to recognise as DNS packets .

https://www.opendns.com/about/innovations/dnscrypt/

Sorab
Occasional Contributor
Occasional Contributor

Re: DNS Hijacking (F@ST 5366)

As of Version 109, it now shows the DNS servers, but it still cannot be edited.109.png

0 Kudos
Reply
zachwingrave
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

Same problem here on firmware version SG4Y1T000109. Would appreciate Optus allowing us to control our own networks and not try to baby us with the lame excuse of security. Be it on our own heads if we muck with our own DNS settings, put a disclaimer on the page that says "Optus will not help you if you change this setting" if it makes you feel better.

0 Kudos
Reply
Firefox
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

Have you tried a JavaScript to remove the readonly value and make the input field editable?

0 Kudos
Reply
Firefox
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

Does the 5366 allow you to backup the configuration into a file?

I'm curious as I was sent a 5366 recently but after reading that it hijacks all DNS queries and doesn't even let one use a chosen DNS server like 1.1.1.1 I haven't bothered setting it up.

0 Kudos
Reply
Sorab
Occasional Contributor
Occasional Contributor

Re: DNS Hijacking (F@ST 5366)

It does, I have the file, but it's encrypted, the file name is device.cfg and the first line of text is AEAD 10. 

0 Kudos
Reply
Firefox
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

If you want you can send me the config and I'll try to decrypt the admin password.

I doubt it but just in case, does 192.168.0.1/rom-0 or 192.168.1.1/rom-0 do anything?

0 Kudos
Reply
Sorab
Occasional Contributor
Occasional Contributor

Re: DNS Hijacking (F@ST 5366)

The link does not work, my default gateway is 192.168.0.1, 

https://drive.google.com/file/d/1GixJ_h8BpYWDFITj8JKYspPk-7pFtob6/view?usp=sharing that is the config file.

0 Kudos
Reply
alex_ust
New Contributor
New Contributor

Re: DNS Hijacking (F@ST 5366)

Is there any estimates for fixing this problem? From Optus perspective it must be a 1st priority fix for the next firmware release.

0 Kudos
Reply