Why did my DNS servers disappear from Speedtouch.lan when I installedComodo Antivirus? What is DNS

[RayLopez99]

This is incredible...I have to pick your brain please.

There is other malware on cracked ad and web servers which try to crack
your router while you read the web page. I have only seen one hit.

Very interesting--and I have something interesting that maybe you can
figure out. Yesterday I replaced my Sophos based anti-virus on my
Windows XP machine, called "Webroot AV" with the freeware by Comodo
antivirus. I'm very happy it did, for one thing Comodo scans faster,
is less intrusive, and found a few minor things that Webroot did not.
During the installation by Comodo, it gave the option of replacing
your existing DNS routers, with Comodo's DNS routers, to prevent "DNS
poisoning" (whatever that is, and I've read the Wikpedia entry). I
choose this option, and today when I tried to check out: http://speedtouch.lan
to change my Speedtouch Ethernet Router and Firewall password (per
your suggestion to make the hardware firewall password longer) I found
this site is no longer there! (says my browser: Oops! Google Chrome
could not find speedtouch.lan). What is happening? I can only guess
that somehow Comodo is intercepting all such requests and replacing
them with the error ( "404" or whatever code is used) page. Is this
possible? I thought this //speedtouch.lan page existed only on your
hardware, on your Speedtouch router that's 1 meter from my
computer?! But, reading this Wikipedia article: (http://
en.wikipedia.org/wiki/DNS_cache_poisoning) I see that I was mistaken
about where the "speedtouch.lan" page lived--I thought it was on my
router, hardwired, but apparently it lives on the ISP (Otenet in my
case) server. So what Comodo did was somehow (and I have no idea how
they did this--very clever of them!) change the DNS pointers that my
ISP uses to Comondo's DNS servers. Is that right? Or close to being
right in your opinion? Any insight appreciated.

And BTW, how common is DNS poisoning? I read the above Wikipedia
article and it seems it would only work with disreputable ISPs.
Otenet is the Greek national telephony carrier, and though their
service sucks, I would imagine they don't use disreputable tactics.
But maybe--and this is the key--despite any efforts they make, they
could have some virus or packet sniffer on their DNS servers that
maliciously divert DNS queries, is that the idea?

RL

 

[GangGreene]

This is incredible...I have to pick your brain please.

You don't know what your doing.

Very interesting--and I have something interesting that maybe you can
figure out. Yesterday I replaced my Sophos based anti-virus on my
Windows XP machine, called "Webroot AV" with the freeware by Comodo
antivirus. I'm very happy it did, for one thing Comodo scans faster,
is less intrusive, and found a few minor things that Webroot did not.
During the installation by Comodo, it gave the option of replacing
your existing DNS routers, with Comodo's DNS routers, to prevent "DNS
poisoning" (whatever that is, and I've read the Wikpedia entry). I
choose this option, and today when I tried to check out:
http://speedtouch.lan to change my Speedtouch Ethernet Router and Firewall
password (per your suggestion to make the hardware firewall password
longer) I found this site is no longer there! (says my browser: Oops!
Google Chrome
could not find speedtouch.lan). What is happening?

You don't know what your doing.

I can only guess
that somehow Comodo is intercepting all such requests and replacing
them with the error ( "404" or whatever code is used) page. Is this
possible? I thought this //speedtouch.lan page existed only on your
hardware, on your Speedtouch router that's 1 meter from my
computer?!

You don't know what your doing.

http://www.dslreports.com/forum/r20096730-speedtouchlan-is-not-there

Don't you know how to use Google or have you banned it because it runs
Linux?

But, reading this Wikipedia article: (http://
en.wikipedia.org/wiki/DNS_cache_poisoning) I see that I was mistaken
about where the "speedtouch.lan" page lived--I thought it was on my
router, hardwired, but apparently it lives on the ISP (Otenet in my
case) server. So what Comodo did was somehow (and I have no idea how
they did this--very clever of them!) change the DNS pointers that my
ISP uses to Comondo's DNS servers. Is that right? Or close to being
right in your opinion? Any insight appreciated.

You don't know what your doing.

If you were using Linux you would just have to edit /etc/resolv.conf.
Then it would just work.

Since ms wants to keep all of thise nasty configuration files hidden you get
to CUSS, fight with the OS and waste time and then consult Google. Then it
still doesn't work so you reinstall the OS to attempt to fix a broken OS.

And BTW, how common is DNS poisoning? I read the above Wikipedia
article and it seems it would only work with disreputable ISPs.

You don't know what your doing.

Well at least it works with windows!

Otenet is the Greek national telephony carrier, and though their
service sucks, I would imagine they don't use disreputable tactics.
But maybe--and this is the key--despite any efforts they make, they
could have some virus or packet sniffer on their DNS servers that
maliciously divert DNS queries, is that the idea?

You don't know what your doing.

Why not just run your own DNS and be done with it. Linux makes that easy.