Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Please teach me how to remove DNS completely and permanently.

28 Aug 2013   #11
diplo

Windows 7 Profession x64
 
 

Quote   Quote: Originally Posted by Shadowjk View Post
I wouldn't rely on your firewall to protect you unless it has some sort of intrusion prevention system. An attack can come in the same port as your web traffic (TCP port 80). Equally if you get infected by any malware whether it be from a thumb drive or the internet then it is likely for it to remotely connect to a host without your knowledge. This could be done using TCP port 80 which is the same port as your HTTP traffic.

Also, it is possible for some malware to spoof the DNS servers and use that therefore to reduce this risk I would strongly recommend placing a deny inbound statement on the inside interface of your firewall to deny any DNS requests (UDP port 53). Please understand that this will not restrict any communications that use IP addresses and if I were to make some sort of application I would set the machine to connect to an IP address rather than a URL since my remote server will most likely not be in the public DNS servers.

Note   Note
This would apply to all hosts if done on your firewall. If you wish to only do it on a single PC then you would need to edit the personal firewall


Just a caution that you may wish to consider,
Josh
Josh - this guy isn't running a web server, therefore he doesn't have anything open on port 80. web servers accept connections on port 80, the user end uses an ephemeral port. Also he's talking about turning DNS OFF so why talk about malware redirecting his DNS traffic? Furthermore, you're talking about the possibility of malware turning his PC into a rogue DNS server (telling him to deny port 53, as if his NAT box or doesn't have a firewall on)... why hijack this thread to talk about some unlikely malware disaster?


My System SpecsSystem Spec
.
28 Aug 2013   #12
Shadowjk

Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
 
 

Quote   Quote: Originally Posted by diplo View Post
Quote   Quote: Originally Posted by Shadowjk View Post
I wouldn't rely on your firewall to protect you unless it has some sort of intrusion prevention system. An attack can come in the same port as your web traffic (TCP port 80). Equally if you get infected by any malware whether it be from a thumb drive or the internet then it is likely for it to remotely connect to a host without your knowledge. This could be done using TCP port 80 which is the same port as your HTTP traffic.

Also, it is possible for some malware to spoof the DNS servers and use that therefore to reduce this risk I would strongly recommend placing a deny inbound statement on the inside interface of your firewall to deny any DNS requests (UDP port 53). Please understand that this will not restrict any communications that use IP addresses and if I were to make some sort of application I would set the machine to connect to an IP address rather than a URL since my remote server will most likely not be in the public DNS servers.

Note   Note
This would apply to all hosts if done on your firewall. If you wish to only do it on a single PC then you would need to edit the personal firewall


Just a caution that you may wish to consider,
Josh
Josh - this guy isn't running a web server, therefore he doesn't have anything open on port 80. web servers accept connections on port 80, the user end uses an ephemeral port. Also he's talking about turning DNS OFF so why talk about malware redirecting his DNS traffic? Furthermore, you're talking about the possibility of malware turning his PC into a rogue DNS server (telling him to deny port 53, as if his NAT box or doesn't have a firewall on)... why hijack this thread to talk about some unlikely malware disaster?
Correct the host will use a source port when initiating a TCP session but the destination port for the segments are on port 80. What I'm trying to say is that some hackers will use that when trying to hijack a connection (Source port of 80 as if it came from a web server using a port sniffer to find an open port) and then if succeeded they will try to send information out on a destination of port 80. All I want to say is that they shouldn't solely rely on their hardware firewall to complete all the security. As to whether or not they are using NAT I do not know.

Yes they wish to turn DNS OFF but that doesn't stop an application from initiating a UDP request out. I am not saying that their machine turns into a DNS server but rather an application will exploit the loopback address setup as the primary DNS server on the NIC so that when it doesn't find the record requested it will use a predefined DNS server within the application and then make the request to wherever rather than the usual drop of packet. Denying UDP port 53 is the closest thing to preventing any DNS requests to the internet as you are going to get.

I just thought to mention the possible threats that could happen since the OP stated that they will not be using any Anti-Virus/malware applications. Chances of this happening are slim but its best to know especially if the OP is going to do important tasks such as banking.

Josh
My System SpecsSystem Spec
04 Sep 2013   #13
hma

Windows 7 64 bit
 
 

Thank you very much for caring about my issue.

Sorry. I didn't report quickly. I was busy working on something else.

My PC used to keep looking for ISP DNS even though I disabled Windows 7 DNS Client Service. After I configured my PC as diplo instructed, my PC quit looking for ISP DNS servers. When I set up DNS to be 127.0.0.1, my PC became quiet. That's very nice.

The above conversation reminds me to set up my commercial firewalls to block all UDP traffic. Period. It is a very good point.

I really appreciate the help that was provided by forum members. Problem was solved.

Best luck to everyone.
My System SpecsSystem Spec
.

04 Sep 2013   #14
Shadowjk

Windows 7 Professional x64 SP1 ; Windows Server 2012 R2 Standard
 
 

I am glad you have completed what you wished Please understand that UDP traffic isn't just used for DNS. Other UDP ports are used for any Video streaming, VoIP and other streaming services such as gaming. By blocking all UDP traffic you will find those services will be inaccessible.

Just a pointer,
Josh
My System SpecsSystem Spec
Reply

 Please teach me how to remove DNS completely and permanently.




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
How do I permanently remove Registry Reviver
I have removed this program 3 days in a row. Twice with Geek Uninstaller & once with Add/Remove Programs. After removing it I reset my Google Chrome to get rid of the search engines it installs & restart my Microsoft Security Essentials which it turned off. When I start the PC the next day I run...
Software
How can I permanently remove GoSaVeu browser extension?
How can I remove GoSaVeu web browser extension, for ever? I use Windows 7 Ultimate 64-bit and my main browser is Google Chrome (I still have Firefox and IExplorer installed). Every time I start Chrome Avast would report that it has blocked a threat and it will continue periodically reporting the...
System Security
Trying to permanently remove FIPS from my PC
A while back one of my programs didn't launch. I received an error "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms". I learned how to disable FIPS using Regedit. The problem is that every time I reboot the computer, the FIPS registry key gets...
General Discussion
How to permanently remove US English language from Win 7?
Hi, I need to know one thing. I have been trying to remove US English language from Windows 7, but I am unable to do so. When I use this path, Region and Language / Keyboards and Languages, and then tap on Install / uninstall languages, there's no option to select and remove US English. I have...
General Discussion
Permanently Remove My Document Sub Folders
Hey all Need some minor help here. I have 2 HDD on my pc where C drive is the system drive and D is Media where I have my music and video files. The sub folders in My Documents on C (My Videos, My Miusic, Favorites, Searches, & Saved Games) keep reappearing no matter how many times I delete...
General Discussion
Remove hidden updates permanently
Is there a way to remove hidden updates, permanently? I have about 50 stupid language packs that have been sitting there since time began. Then I updated to SP1 and now they're back, unhidden. I have to re-hide them all again. Anyway to permanently killfile this stuff once & for all? :( ...
Windows Updates & Activation


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 08:34.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App