My home / home-office network uses OpenDNS as a content filter. As the OpenDNS admin, I received a "User wants access to..." email indicating that someone tried to access a blocked site and requested that it be un-blocked.
However, after studying the time of the request, details from the request email, and router logs, I'm fairly sure the requesting device was not connected to my network at the time. The request came from a Disconnect.me VPN IP address.
I'm hazy on the topology of a router-to-DSL-modem-to-OpenDNS configuration, especially with Disconnect.me thrown in. Is it possible this is some unexpected interaction between OpenDNS and Disconnect.me? Or is there some other way an OpenDNS "User wants access" email could be routed to the wrong admin from a device not directly on the admin's network?
More details:
The request email was from an iPad, and my WRT1900AC's control panel says this iPad has never authenticated to my network, so network intrusion seems somewhat unlikely. Also, someone stealthy enough to hack my router almost certainly wouldn't be clumsy enough to fill out a form, supply their name and ISP-based email address (@sbcglobal), and ask me to unblock an adult-oriented website.
Coincidentally (?) I recently started trying Disconnect's VPN on one Windows workstation, but that machine was powered off at the time of the request.
Aucun commentaire:
Enregistrer un commentaire