One of the errors that Windows users most commonly complain about is the DNS server’s appearance of not responding error and the inability to visit some or all websites.
Suppose the Internet connection is active (for example, the router appears aligned and connected), and all the web browsers installed on the system have the same problems every time you try to visit the same sites. In that case, the DNS server will likely appear. Not responding is caused by the use of incorrect or malfunctioning DNS servers.
The Chrome browser is usually the one that provides the most interesting clues. The Google browser displays the error. The web page is not available. Immediately below (possibly help by pressing the Details link ), Chrome – in the case of specific problems relating to the DNS servers in use – displays the following error codes:
DNS_PROBE_FINISHED_BAD_CONFIG
DNS_PROBE_FINISHED_BAD_NXDOMAIN
The two errors are displayed when an error is detected in the DNS configuration or any case when the DNS in use could not resolve the requested domain name (for example, www.google.it, techsmartest.com, and so on).
As highlighted in many of our other articles, using DNS servers is essential to resolve mnemonic addresses or transform, for example, an address like techsmartest.com into the IP corresponding to the machine hosting the site.
Change DNS. What are DNS servers? To know more
– How to set up Google DNS
– Check the sites visited by a router, local network, and WiFi with OpenDNS
You can decide whether to set up DNS servers on the local system or use those specified in the router configuration panel. The router can be set so that it uses specific DNS servers (and communicates them to clients connected in the local network who request them) or that, in turn, waits to receive them from the Internet provider.
In the articles mentioned above, we explained why it is sometimes good to change DNS. The reasons can be many:
– some DNSs are faster than others
– some DNSs offer the possibility of blocking visits to inappropriate and dangerous websites
– foreign DNS allows you to resolve and, therefore, to visit websites blocked in Italy
In case you were to receive the error, the DNS server does not respond or similar; however, first of all, it is necessary to check the DNS used on the router and on the client machines connected to the local network and then proceed with the modification of the DNS, if necessary.
We, therefore, suggest to apply the following steps:
1) Check the DNS settings on the router
Generally, by typing http://192.168.1.1 or http://192.168.0.1it will be possible to access the router configuration panel after entering the user name and password (the standard credentials, if they have not been changed, are admin, admin or admin, password).
In this regard, it is good to remember that the default router credentials should always be changed: Protecting routers, here are the golden rules.
From here, you will need to check the DNS settings on the router. Usually, the router is set up so that it receives information from the Internet provider on which DNS servers to use.
However, most routers also offer the ability to manually set the IP addresses of the DNS servers to use (you’ll find a Set DNS server manually something similar).
Therefore, it is important to check that the DNS servers set up on the router are legitimate (for example, those provided by the provider, those of Google, those of OpenDNS, and so on) and have not been modified by malicious people.
2) Run the Router Checker test
The firmware (the software installed on routers and that oversees their operation) of some routers has some vulnerabilities that expose users to the risk of attack.
In particular, remote attackers may be able to launch a DNS hijacking attack, that is, to divert all DNS requests to malicious servers.
By exploiting some security holes in the router, cybercriminals can change the DNS on the router itself, replacing the user’s addresses or those received automatically from the Internet provider (connectivity provider) with arbitrary addresses.
To solve the problem, the best way is to update the router firmware to the latest version or, in any case.
By setting malicious DNS on the router with DNS hijacking practice, attackers can thus direct the systems connected to the local network ( all those that request via DHCP which DNS addresses to use ) towards malicious sites and carry out fraudulent activities (extremely effective phishing attacks).
If the attacker manages to change DNS on the router, he can, for example, make it so that by typing www.nomedellabanca.abc, systems connected to the local network are not directed to the bank server IP but remote servers managed by cyber criminals. It will be so easy to rake in user login credentials and very easy to mislead them.
To check if you were using a malicious DNS server, we suggest running the F-Secure test reachable at this address.
By clicking on the Start now button, F-Secure will check the set DNS server and immediately alert the user if a malicious DNS server is being used, such as set up by cybercriminal groups.
The F-Secure Router Checker service obviously cannot determine the DNS servers’ IP addresses set on the router. By clicking on the Details of your DNS server’s IP address linkhowever. If Google’s DNS (8.8.8.8 and 8.8.4.4) were set on the router, the F-Secure service would expose a series of IP addresses owned by Google. It will be the confirmation that everything is fine.
Suppose you detect the presence of malicious DNS server references on the router. In that case, you will have to immediately replace them (for example, with those of Google) then download and install the latest firmware version.
3) Check and possibly change the DNS set on
Windows clients and other operating systems allow you to receive the IP addresses of the DNS servers to be used by sending a specific request to the router (through the use of the DHCP protocol).
By accessing the Windows Network and Sharing Center then clicking on Change adapter settings, you will get the list of network interfaces in use (ethernet and WiFi).
By right-clicking on it, then selecting Properties and, finally, moving to Internet Protocol version 4 (TCP / IPv4) and Internet Protocol version 6 (TCP / IPv6), then clicking the Properties button, you can check which DNS servers are used on the local system.
If the Obtain DNS server address automatically option is selected, the router will report the DNS to use. Conversely, by setting the DNS addresses in the following boxes, it is possible to manually specify the servers to resolve domain names.
By opening the command prompt ( Start, Run , cmd ) and typing ipconfig / all, you can immediately check the IP addresses used by the system in use to resolve domain names.
After typing the command, it will be necessary to identify the network card in use and read the IPs indicated next to the DNS Server item.
However, in case of problems, we suggest changing the DNS and trying to specify those of Google (8.8.8.8 and 8.8.4.4).
From the prompt, we also recommend running the ipconfig / flushdns command to clean up the DNS cache managed locally by Windows.
If the DNS error affects only one or more sites, we suggest – again from the command prompt – to type the following:
nslookup
www.sitename.abc nslookup www.sitename.abc 8.8.8.8
The first command allows you to establish how the mnemonic address indicated with the currently set DNS server is resolved. The second command explicitly asks the Google DNS server (IP 8.8.8.8) to resolve the same domain name.
In short, the nslookup command allows you to check whether there are differences in the resolution of domain names between the DNS server in use and other DNS servers.
Note that some sites, the larger ones, use a distributed structure. The responses to DNS queries, in terms of IPs returned, could therefore be different.
A service like this will eventually allow you to establish ownership of a domain.
As you can see, both IPs returned are owned by Google:
For more information on the use of DNS servers, however, we suggest reading the articles cited in the introduction.
A tech-savvy writer with a knack for finding the latest technology in the market, this is what describes John Carter. With more than 8 years of experience as a journalist, John graduated as an engineer and ventured soon into the world of online journalism. His interest includes gadget reviews, decoding OS errors, hunting information on the latest technology, and so on.