- Apr 1, 2019
- 2,797
What really bothered me is it still happens even if I block port 53 on the router and if I use DoH in browser. I’m not worried about Amazon, but I am annoyed it negates any filtering DNS.
Edge using Amazon DNS?
- Thread starter blackice
- Start date
- Jul 8, 2012
- 829
Considering that it was suddenly there this morning I expect a chance that it returns, as such I was careful to mention “right now”. I guess it is just a matter of when it returns and not if.
- Apr 1, 2019
- 2,797
Well the only response I have on Reddit is a downvote...? I don't think people realize this could be a big problem for groups relying on DNS filtering. Oh well, you just can't help people.
- Jul 8, 2012
- 829
I wish I could say I was surprised about that downvote on Redit, but I am not. A lot of people there make a hobby at of doing that. Oh well, their problem and not ours.
- Apr 1, 2019
- 2,797
The relevant post for anyone curious.
- Apr 1, 2019
- 2,797
After more testing it looks like it could be Route 53 being used on some of the TLDs the leaktest tries, I wonder if that affects DNS filtering? And why is it only Windows devices!?
Thanks @TairikuOkami and @oldschool for nudging me in the right direction. I've never seen Route 53 show up in DNS leak tests before.
I think the Port 53 blocking issue is due to IPv6 not being blocked properly and I will have to take my network down later to test that.
Thanks @TairikuOkami and @oldschool for nudging me in the right direction. I've never seen Route 53 show up in DNS leak tests before.
I think the Port 53 blocking issue is due to IPv6 not being blocked properly and I will have to take my network down later to test that.
Last edited:
- Mar 29, 2018
- 7,129
I've yet to see Route 53 or anything besides my chosen DNS.
Practical Response
Level 8
- Mar 10, 2024
- 362
Does route 53 run parallel to thee ole route 66, as I have traveled that once, its very scenic
🫣
Last edited:
- May 13, 2017
- 2,497
Aside from disabling IPv6
I would also set this:
Code:
rem Disable IPv6
netsh int ipv6 isatap set state disabled
netsh int teredo set state disabled
netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled
reg add "HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition" /v "6to4_State" /t REG_SZ /d "Disabled" /f
reg add "HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition" /v "ISATAP_State" /t REG_SZ /d "Disabled" /f
reg add "HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition" /v "Teredo_State" /t REG_SZ /d "Disabled" /f
reg add "HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters" /v "DisabledComponents" /t REG_DWORD /d "255" /f
reg add "HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters" /v "EnableICSIPv6" /t REG_DWORD /d "255" /f
Code:
rem Disable Discovery of Designated Resolvers (DDR), a mechanism for DNS clients to use DNS records to discover a resolver's encrypted DNS configuration
reg add "HKLM\Software\Policies\Microsoft\Windows NT\DNSClient" /v "EnableDdr" /t REG_DWORD /d "0" /f
rem 3 - Require DoH / 2 - Allow DoH / 1 - Prohibit DoH
reg add "HKLM\Software\Policies\Microsoft\Windows NT\DNSClient" /v "DoHPolicy" /t REG_DWORD /d "3" /f
rem Disable IDN (internationalized domain name)
reg add "HKLM\Software\Policies\Microsoft\Windows NT\DNSClient" /v "DisableIdnEncoding" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows NT\DNSClient" /v "EnableIdnMapping" /t REG_DWORD /d "0" /f
rem 1 - Discovery of Network-designated Resolvers DNS over TLS (DoT), DNS over HTTPS (DoH), DNS over QUIC (DoQ)
reg add "HKLM\System\CurrentControlSet\Services\Dnscache\Parameters" /v "EnableDnr" /t REG_DWORD /d "0" /f
rem Disable smart multi-homed name resolution
reg add "HKLM\Software\Policies\Microsoft\Windows NT\DNSClient" /v "DisableSmartNameResolution" /t REG_DWORD /d "1" /f
reg add "HKLM\System\CurrentControlSet\Services\Dnscache\Parameters" /v "DisableParallelAandAAAA" /t REG_DWORD /d "1" /f
rem Disable Multicast/mDNS repeater / https://f20.be/blog/mdns
reg add "HKLM\System\CurrentControlSet\Services\Dnscache\Parameters" /v "EnableMDNS" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Policies\Microsoft\Windows NT\DNSClient" /v "EnableMulticast" /t REG_DWORD /d "0" /f
reg add "HKLM\System\CurrentControlSet\Services\Dnscache\Parameters" /v "EnableAutoDoh" /t REG_DWORD /d "2" /f
rem 1 - Disable Domain Name Devolution (DNS AutoCorrect) / 0 - Enabled (Default)
reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "UseDomainNameDevolution" /t REG_DWORD /d "0" /f- Apr 1, 2019
- 2,797
I’m about to go have dinner on the street that used to be Route 66 in my city.Does route 53 run parallel to thee ole route 66, as I have traveled that once, its very scenic
- Apr 1, 2019
- 2,797
Japanese Curry, it was delicious.
- Mar 2, 2023
- 802
@blackice and now for the bizarre. Of 3 of my Windows 10 PCs, 2 were getting the Ireland amazon servers 1 wasn't. 2 of 3 of my Windows 11 PCs, were also getting the amazon servers, 1 wasn't. So the one Windows 10 PC was using a Netgear USB wireless adapter running Kaspersy free. The other Windows 11 PC is only using Windows Security. All of them are connected to the same router....so was it because of the Netgear adapter and Kaspersky on the Windows 10 PC, and was the Window 11 just running Windows Security made the difference....what if it's F-Secure? So I uninstalled it from one of my Windows 11 Notebooks, and guess what, no more Amazon servers, only my ISP showing up on the ip leaktest site. Mullvad also showed the same results
Next, I uninstalled F-Secure from the other Windows 11 Notebook, and what do you know, no more Amazon servers. If you have F-Secure installed, try uninstalling it and see if it works for you. As I did remember in GlassWire, that F-Secure does connect to Ireland servers, its plug in hosting service, so maybe somehow those get tied in together? So it's no longer an issue on those PCs with either Brave or Chrome. Needless to say, F-Secure is being replaced by Kaspersky Plus for the time being
Next, I uninstalled F-Secure from the other Windows 11 Notebook, and what do you know, no more Amazon servers. If you have F-Secure installed, try uninstalling it and see if it works for you. As I did remember in GlassWire, that F-Secure does connect to Ireland servers, its plug in hosting service, so maybe somehow those get tied in together? So it's no longer an issue on those PCs with either Brave or Chrome. Needless to say, F-Secure is being replaced by Kaspersky Plus for the time being
- Mar 2, 2023
- 802
Just uninstalled F-Secure from my 3rd PC, Windows 10. No more Amazon servers I was using F-Secure Internet Security.
edit: disabling the F-Secure browser extension, and turning off the Browsing Protection in the apps settings, did not resolve it, isn't a "solution" unless there's something else to try, apart from Windows firewall settings. I'm more of a get rid of the offending culprit, compared to a more involved work around type of user
I was using F-Secure Internet Security.edit: disabling the F-Secure browser extension, and turning off the Browsing Protection in the apps settings, did not resolve it, isn't a "solution" unless there's something else to try, apart from Windows firewall settings. I'm more of a get rid of the offending culprit, compared to a more involved work around type of user
Last edited:
- May 13, 2017
- 2,497
Do you also block it in the firewall? Because Windows overrules router. In WFC you can allow only specific DNS IPs
- Mar 2, 2023
- 802
I just found this:
aws.amazon.com
In this case, it could be a part of helping the speed and efficiency of F-Secure as it migrates to 64-bit.
F-Secure Case Study – Amazon Web Services (AWS)
Read the F-Secure customer case study, powered by the AWS Cloud. AWS provides cloud computing services to hundreds of thousands of customers.
aws.amazon.com
In this case, it could be a part of helping the speed and efficiency of F-Secure as it migrates to 64-bit.
Last edited:
- Jul 8, 2012
- 829
I believe you, I do, but that makes it even weirder for me? I do not use F-Secure, and granted after that first one it has not happened to me any more? (So far that is.)
- Mar 2, 2023
- 802
- Apr 1, 2019
- 2,797
Blocked the port in the firewall on the router. I even made sure it was working by changing the Windows setting and seeing if the router blocked the internet if it didn't have a DHCP provided DNS. And it did.
Maybe another program that uses it.
Thanks! I have had F-Secure installed. I will try with it uninstalled later and see. I'm guessing you're right.Thanks
View attachment 282616
View attachment 282617
- Apr 1, 2019
- 2,797
@Jonny Quest Looks like we have a winner! Uninstall of F-Secure and it's gone. Maybe it's part of the network filtering process. Also, my resolutions are snappier. Not in a way that matters, but it definitely was inspecting DNS requests. I know others like Avast also mess with DNS. F-Secure would still be me option for a 3rd party AV. But I think I may just done messing with any 3rd party AV for now. Things always go smoother without.
- Mar 2, 2023
- 802
I agree, I haven't installed anything yet, and in thinking about it, I will not install Kaspersky Plus with it's 42 modules and all its settings. Granted, some of them can be disabled to only manually run, so I get that part. But when you need a search bar, which was helpful, to find a module or setting, is a bit much. The free version is wonderful though
Even their Internet Security had ~39 modules. I had gone to F-Secure Internet Security for it's simplicity, protection and its 3 module home screen. So, we'll see Similar threads
