We are a small broadband ISP. We have one customer that could not get DNS to resolve. We found that he was using a DNS server in China/Taiwan, 168.95.192.1 (hntp1.hinet.net) We have our own DNS servers and this router had our DNS in its DNS field. The reason he failed is that the above DNS failed for several hours yesterday. We checked our server logs and found that he has been using this DNS since early July. He is behind a DI-604 router. As it turns out, the router redirects any request on port 53 to this hntp1.hinet.net Today we replaced the router and it's all back to normal, all DNS requests are going to our server. We also checked the settings in the DI-604, they are correct. In fact, if we use the DI-604's internal ping test, it uses our DNS. Is it possible to hack a router?? Anyone heard of this? Thanks,
- R