UPnP Testing Guide. CDRouter 9.0 adds InternetGatewayDevice:2 (IGDv2) device support, UPnP over IPv6 test cases as well as a general tuneup of CDRouter’s UPnP control point implementation. Table of Contents Level setting: While connected to a VPN, all the tests on this page test the VPN server, not your router. Likewise, with Tor you end up testing your Tor exit node rather than your router. To test your router, it needs to be connected to a dumb modem. If, however, you have connected a router to a gateway device (combination modem, router and perhaps even telephone adapter) from your ISP, you may be testing the firewall in the gateway device rather than your router. To test your router in this case, the gateway device needs to be put in Bridge mode, which should disable its firewall. DNS Server Tests Defensive Computing mandates that you know what your DNS servers should be. There are three reasons to be aware of your DNS servers. First, is that changing the DNS servers in a router is a common attack and without the websites listed below, it could be a very long time before this malicious change was detected. Then too, if you have a preferred set of DNS servers (perhaps OpenDNS or Quad9) the router you are connected to may ignore this preference and force you to use its DNS servers. I blogged about this in March 2018 (). When connected to a public Wi-Fi network, you should always check if the router running the network has imposed its DNS servers on your computer. Finally, we come to VPNs. If working well, the VPN client software on your computer should change your DNS servers to those run by the VPN provider. But, sometimes this does not happen. I would advise checking on your DNS servers before and after connecting to a VPN to insure that they have changed. • At you need to scroll down to see your DNS servers. It reports the Hostname, ISP, city and country. The page also shows lots of other useful information such as your public IP address, host name, location and ISP. • is sponsored by VPN provider IVPN. It offers a quick standard test and a slower extended test. Both report the Hostname, ISP and Country for each detected DNS server (no city). • from VPN provider ExpressVPN reports the Country and 'Provider' for each detected DNS server. ![]() It does not report a hostname or city. Note that it always warns that 'Your DNS is exposed!' Which really means you are not connected to ExpressVPN. • from VPN provider Perfect Privacy reports your current DNS servers. For each server it shows the IP address, computer name, ISP and host country. There a bug however, the ISP name is truncated. • is sponsored and operated by London Trust Media, the company behind VPN provider Private Internet Access. It reports the hostname, city and country for each detected DNS server, but not the ISP. • is from VPN provider VPN.ac. Click the big orange bottom at the bottom of the page to see the IP address, country and ISP of detected DNS servers. It does not show the names of each DNS server. • is from VPN provider AirVPN. It reports lots of things, including DNS servers. It is only available via HTTP, not HTTPS. It is also available on ports 8000 and 62222. • is a VPN tester page for the Mullvad VPN. In addition to confirming that you are connected to their VPN, it also shows the IP address, name and country of your DNS servers. And, it tests WebRTC too. • The does not really check routers, it simply reports on a DNS server. All the other DNS server checkers report on multiple detected DNS servers, F-Secure only reports on one. The company says their goal is to insure that your router is using an 'authorized DNS server' but there is no such thing and they don't define it. The service disappeared from roughly Feb. 2016 through Aug. 2016) but, it's back online. • The reports more details about your DNS servers than anywhere else that I know of. That said, it used to have a CPU looping issue. More recently, it takes a very long time for the tests to complete. • If you are using OpenDNS, you can verify this. • Some known BAD DNS servers: 91.194.254.105 (I lost track of the source). From a: 5.104.175.150 and 5.104.175.151 (). From a 46.17.102.10-24, 5.39.220.117-126, 217.12.218.114-121 and 93.115.31.194-244. In May 2017,, that I had not previously considered. 'Unfortunately, website-based tests may not be reliable once a home router has been compromised.' With that in mind, it makes sense to check with the router directly, be it with a web interface or an app, to double check the DNS servers. Windows users have another excellent option, the program by Nir Sofer. The program is free, portable and from a trustworthy source. It simply traces DNS requests and responses.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2019
Categories |