Time and Maxis started to hijack dns query

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Networks and Broadband

Bump Topic Add Reply RSS Feed

Outline · [ Standard ] · Linear+

Time and Maxis started to hijack dns query

views

ChenKaiWen	Aug 9 2024, 03:38 PM Return to original view \| Post #1
Casual Junior Member 364 posts Joined: May 2019	QUOTE(moiskyrie @ Aug 9 2024, 03:05 PM) I using tm provide router.... Got way to unblock? The white router.....az-tech I think... Host adguard on a pc or raspberry pi. Set upstream server to use DoT or DoH. Make the router use the adguard as main DNS.
Card PM	Report Top Like Quote Reply

ChenKaiWen	Aug 13 2024, 07:55 PM Return to original view \| Post #2
Casual Junior Member 364 posts Joined: May 2019	I use quad9 DoH and DoT on adguard. Just now it stopped working, sites fail to resolve. I see a bunch of timeout in the logs using 443. After removing DoH, it started working again. Adding back DoH did not break it. Checking on ipleak, Global Transit (TIME) shows up for ipv4 while Woodynet(Quad9) shows up for ipv6. Something is not right
Card PM	Report Top Like Quote Reply

ChenKaiWen	Aug 13 2024, 07:59 PM Return to original view \| IPv6 \| Post #3
Casual Junior Member 364 posts Joined: May 2019	QUOTE(QuantumEdge @ Aug 13 2024, 07:57 PM) Are you a time user? I'm having issues now, all sites are slow as heck On Adguard DoT Yes. Most of the devices can’t resolve, only a few can. This post has been edited by ChenKaiWen: Aug 13 2024, 08:00 PM
Card PM	Report Top Like Quote Reply

ChenKaiWen	Aug 13 2024, 08:07 PM Return to original view \| IPv6 \| Post #4
Casual Junior Member 364 posts Joined: May 2019	QUOTE(nazq @ Aug 13 2024, 08:06 PM) Network abruptly stopped in my case, around 7 pm here in the midst of browsing. Very slow, then showing failed DNS probe on Chrome. Same here. Around 7, suddenly stopped working. Bunch of connection timeout for 443 in adguard. I have parallel request, no idea why it didn’t fall back on TLS instead.
Card PM	Report Top Like Quote Reply

ChenKaiWen	Aug 13 2024, 08:26 PM Return to original view \| IPv6 \| Post #5
Casual Junior Member 364 posts Joined: May 2019	Thanks for informing. Did a trace route on ipv6, seems to go to Singapore still, ipv4 goes to myix
Card PM	Report Top Like Quote Reply

ChenKaiWen	Aug 13 2024, 08:50 PM Return to original view \| IPv6 \| Post #6
Casual Junior Member 364 posts Joined: May 2019	QUOTE(PRSXFENG @ Aug 13 2024, 08:45 PM) Maybe the server only has ipv4 connectivity I check with https://www.dnscheck.tools/ and notice IPv4 MY - Global Transit IPv4 SG - WoodyNet IPv6 MY - WoodyNet IPv4 SG - WoodyNet Quad9 does have a total of 3 MY locations and 2 SG locations (Don't trust the map 100%, at one point in time they listed Johor's country as Singapore , and they say they don't update it that often ) My guess is MyIX KUL would be TIME's Global Transit and the DE-CIX KL is the PCH/WoodyNet one? DE-CIX does peer with PCH/WoodyNet seems that it is going to KUL. But traceroute 2620:fe::9 and 2620:fe::fe is going to Singapore. Seems to be all good now. PRSXFENG liked this post
Card PM	Report Top Like Quote Reply

ChenKaiWen	Aug 14 2024, 06:41 AM Return to original view \| IPv6 \| Post #7
Casual Junior Member 364 posts Joined: May 2019	CODE dig @9.9.9.9 googie-anaiytics.com ; <<>> DiG 9.18.28-0ubuntu0.22.04.1-Ubuntu <<>> @9.9.9.9 googie-anaiytics.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32048 ;; flags: qr rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;googie-anaiytics.com. IN A ;; Query time: 8 msec ;; SERVER: 9.9.9.9#53(9.9.9.9) (UDP) ;; WHEN: Wed Aug 14 06:38:40 +08 2024 ;; MSG SIZE rcvd: 49 CODE traceroute 9.9.9.9traceroute to 9.9.9.9 (9.9.9.9), 30 hops max, 60 byte packets 1 router.lan (10.0.0.1) 0.707 ms 0.358 ms 0.319 ms 2 161.142.48.1 (161.142.48.1) 2.730 ms 2.643 ms 2.840 ms 3 * * * 4 223.28.43.70 (223.28.43.70) 6.111 ms 5.912 ms 5.746 ms 5 pch.myix.my (218.100.44.20) 7.252 ms 7.214 ms 7.310 ms 6 dns9.quad9.net (9.9.9.9) 7.389 ms !X 8.056 ms !X 7.769 ms !X Unable to resolve that domain but traceroute shows !X haya liked this post
Card PM	Report Top Like Quote Reply

ChenKaiWen	Aug 29 2024, 01:40 PM Return to original view \| Post #8
Casual Junior Member 364 posts Joined: May 2019	QUOTE(sadlyfalways @ Aug 29 2024, 01:05 PM) Also, is it normal for my second node not to be my public ip address? I am .192 and not .1 for the last 3 digits That should be the gateway ip for Maxis. My TIME traceroute do it too
Card PM	Report Top Like Quote Reply

ChenKaiWen	Sep 6 2024, 11:26 AM Return to original view \| Post #9
Casual Junior Member 364 posts Joined: May 2019	QUOTE(biatche @ Sep 6 2024, 11:22 AM) anyone know if doh/quad9 work? Works fine on TIME in Penang. So far, here not even blocking plaintext yet.
Card PM	Report Top Like Quote Reply

ChenKaiWen	Sep 7 2024, 08:22 AM Return to original view \| IPv6 \| Post #10
Casual Junior Member 364 posts Joined: May 2019	QUOTE(Sam Leong @ Sep 7 2024, 07:56 AM) Also , from my side TIME didn't even implement DNS plaintext hijack not sure why Same here in Penang
Card PM	Report Top Like Quote Reply

« Next Oldest · Networks and Broadband · Next Newest »

Add Reply Options

Change to:

0.0250sec

0.45

7 queries

GZIP Disabled
Time is now: 2nd December 2025 - 07:00 AM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.