- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For the past 3 days the DNS for me (and people I know from work that have FIOS) has been correupted by what appears to be a DNS hack / re-direct to barefruit.co.uk92.242.140.21. This is causing super slow resolve times for websites, super SLOW connection times for the office VPN and lack of DNS at home to reach machines via their hostnames (IP address works).
I logged a ticket two days ago to Verizon but this is still an issue. Can the real network (not voice) engineers at Verizon resolve this ?
Example: (code1.emi.philips.com appends from our office naming convention)
nslookup www.cnn.com
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1
Non-authoritative answer:
Name: www.cnn.com.code1.emi.philips.com
Address: 92.242.140.21
General IP Information
IP: 92.242.140.21
Decimal: 1559399445
Hostname: unallocated.barefruit.co.uk
ISP: Barefruit Ltd.
Organization: Barefruit Ltd.
Services: None detected
Type:
Assignment: Static IP
Solved! Go to Correct Answer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I got a response from Verizon today about this.
"This is expected bahavior. The Verizon Online DNS resolvers have NXDOMAIN redirection services that redirect any unknown host to a sponsored search page. You can opt out of this by changing your resolver from .12 to .14."
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is a peer support group. We are users just like you.
You need to contact tech support if it is still an issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This might be the result of Verizon's DNS redirection on nxdomain responses. It's possible Verizon's DNS is yet again broken.
If you want to use Verizon's DNS services instead of servers like OpenDNS, do this. Take the IP addresses of the DNS Servers your router shows, and change the last digit from 12 to 14. This will give you proper DNS. If changing the DNS Sever doesn't fix the problem, let us know.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good option, also try emailing that kind of issue to DNS@verizon.com and see if they can help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
if it's a dns hack, changing your dns would fix it.
if that doesn't fix it, you might have a different problem, in that case post a traceroute
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Monday August 4th 6AM EST
I noticed this address as well. Outgoing excerpt from my router log '92.242.140.21:427'.
Who is results . . .
[Querying whois.arin.net] [Redirected to whois.ripe.net:43] [Querying whois.ripe.net] [whois.ripe.net] % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '92.242.140.0 - 92.242.140.255' % Abuse contact for '92.242.140.0 - 92.242.140.255' is 'abuse@barefruit.co.uk' inetnum: 92.242.140.0 - 92.242.140.255 netname: BAREFRUIT-ERRORHANDLING descr: BAREFRUIT-US-ANYCAST-A country: GB org: ORG-BL53-RIPE admin-c: PR42-RIPE tech-c: PR42-RIPE status: ASSIGNED PA mnt-by: CATALYST2-MNT source: RIPE # Filtered {Edited to comply with guidelines}
mnt-by: CATALYST2-MNT source: RIPE # Filtered nic-hdl: PR42-RIPE % Information related to '92.242.140.0/24AS45028' route: 92.242.140.0/24 descr: BF-MC-1 origin: AS45028 mnt-by: CATALYST2-MNT source: RIPE # Filtered
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VPN'd users on FiOS are having all sorts of name resolution issues, everything resolves to this address even if it doesn't exist (should return NXDOMAIN), as soon as we change the user's local DNS from Verizon to Google / Open DNS etc. everything starts working again.
This is extremely frustrating (I'm a FiOS customer as well) I opened a ticket and they denied any issues with their DNS and to top it off the network technician refused to talk to me on the phone and rather suggesting it's all "on our end".... The issue was swept under the rug instead of being seriously dealt with.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This problem caused havoc with our VPN as well which is how we discovered it. Switching DNS severs fixed the problem.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm having this same issue. this has broken my companies VPN system. Nothign resolved properly anymore on a fios connection.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I got a response from Verizon today about this.
"This is expected bahavior. The Verizon Online DNS resolvers have NXDOMAIN redirection services that redirect any unknown host to a sponsored search page. You can opt out of this by changing your resolver from .12 to .14."
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I also noticed this issue recently.
I noticed a DNS Suffix of SME on my IP configuration, which may (or may not) be related to this.
I changed my IP Configuration to remove this DNS Suffix and it seems to have resolved my VPN issues.
I can't find any info on this dns suffix in google searches.
mn
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is still an issue months after Verizon was made aware that their DNS was redirecting customers incorrectly. Now when this hapens, FiOS routers are creating port forwarding rules for this ip address and company Barefruit without the knowledge of their customers. How is an everyday user to know that this is going on as they have no idea how to log into the web interface of a router?! First level tech support at Verizon act like they have never heard of this issue when you call, it was only after they put me on the phone with Actiontech that it was immediately addressed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Issue? its fully explained behavior. If you use the default Verizon DNS server and give it a invalid url name, instead of just giving an invalid name they will give you one with a did you mean type message and ads.
Don't like it. Manually set your DNS servner addresses from xxx.xxx.xxx.12 to xxx.xxx.xxx.14.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just a quick follow up.
it seems my problem is not solved by removing the SME dns suffix.
mn
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I found my router has been hacked as well... the remote admin port was set open and there were QOS additions made to my setting. This is very concerning... and wonder what Verizon is doing to address this?
I googled this ip address and found this discussion in this forum.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This started happening on 9/9/15 to my Citrix receiver sessions where Verizon DNS server would not resolve to the proper IP address. Malwarebytes caught and prevented the outbound connection. I fixed it by changing the DNS settings (Internet Protocol Version 4 (TCP/IPv4) properties) to either Google or OpenDNS (I went with Google). Google is 8.8.8.8 or 8.8.4.4.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Barefruit redirects by an ISP suck plain and simple.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As this thread is now over two years old, it will be locked in order to keep discussions current. If you have the same or a similar question/issue we invite you to start a new thread on the topic.