dslreports logo
site
spacer

spacer
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


view:
topics flat nest 
Comments on news posted 2011-02-04 08:40:17: Like many ISPs, cable operator Mediacom is now using DNS redirection to direct people who mistype URLs to a an ad-laden search portal instead of a 404 error -- as a way to generate additional revenue. ..

page: 1 · 2 · next


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx

Run your own DNS people

It stops this BS as well as some ISP tracking!


inferno4

join:2008-07-06

Use OpenDNS PEOPLE!!

Wish people would stop complaining about their DNS and just use OpenDNS!

208.67.222.222
208.67.220.220


NotOpenDNS

@myvzw.com
You're seriously recommending OpenDNS on a thread regarding invasive DPI and NXDOMAIN poisoning?

You're replacing one evil with an even larger evil -- OpenDNS happily gorges themselves on the demographic information you freely slap against their resolvers. The solution is to indeed run your own DNS server pointed at roothints and not rely on any "free" DNS service or sadly, your own ISPs.

Have you read OpenDNS's privacy policy; »www.opendns.com/privacy/

"Statistics are not personally identifiable but are correlated to your IP address and your account if you have signed up for one. OpenDNS uses Statistics to provide you with the DNS service and for internal analysis."

"In addition, OpenDNS also collects potentially personally-identifying information like the Internet Protocol (IP) addresses from which DNS requests are made. For its DNS services, OpenDNS temporarily stores logs to monitor and improve our quality of service, and to collect high-level aggregate Statistics."

Before you recommend a service spend some time reading exactly what you collect. You may find you've simply traded one privacy invasive technology for another. OpenDNS is doing what many of the ISP resolvers are now doing -- profiting from your data.

Finally, Karl, thank you for tying this back into Windstream, it's good that you've done this so people don't forget just how heinous their acts were and how evasive they were in admitting they were doing DPI.

ISurfTooMuch

join:2007-04-23
Tuscaloosa, AL
reply to inferno4
Using OpenDNS will only help with the DNS redirection. If they're using DPI, you're SOL.

Now, if you run your own DNS servers, you might be in a better position, since your query would be answered before it leaves your local network.


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5
reply to TamaraB

Re: Run your own DNS people

said by TamaraB:

Run your own DNS people
It stops this BS as well as some ISP tracking!

Ok. Now how do you set that up for a run of the mill retail wireless router that 90% of the users will be using? And who have smartphones, xboxes, Wiis, iPads, etc using Wifi to access the Internet and not just a desktop or laptop?


Karl Bode
News Guy
join:2000-03-02
kudos:39
reply to ISurfTooMuch

Re: Use OpenDNS PEOPLE!!

Correct, as the users note -- this stuff is working whether or not they use third-party DNS alternatives.

TheRogueX

join:2003-03-26
Springfield, MO
reply to TamaraB

Re: Run your own DNS people

Sadly, most people have no idea how to set up their routers, let alone a DNS server. Hell, I work with computers every day and I'll be honest, I don't know how to do it.


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless

2 recommendations

reply to FFH5
said by FFH5:

Ok. Now how do you set that up for a run of the mill retail wireless router that 90% of the users will be using? And who have smartphones ....

You can't run a DNS server on any phone I know of, however, most can connect to the Internet via VPN. What I do on my iPhone is run it through my off-shore VPN. That cures all these nefarious ills.

On my laptop and on my netbook, I simply run Bind9.

To circumvent e-mail snooping, I use DynDns to ID my box wherever and whatever I am connected to, and run postfix to deliver and pick up my email.

The ONLY way around all this ISP bullshit is to use them as the dumb pipe they really are. If you use your ISP this way, all they see is an encrypted data-stream immune to DPI, port blocking, DNS-Redirection, and usage-logging. The very slight speed hit is worth the added security and privacy.

It works perfectly fine for me, and I feel comfortable that my ISP knows nothing about my activities, nor can they "manage" me in any way. It's called NET-NEUTRALITY, and FREEDOM, and is technically available today if you want to do the leg work to implement it.

Bob
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"


zolcos

join:2010-05-19
Houghton, MI

404?

cable operator Mediacom is now using DNS redirection to direct people who mistype URLs to a an ad-laden search portal instead of a 404 error
DNS doesn't produce 404 errors. 404 is an HTTP error code and I doubt Mediacom is doing anything with them.


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless

1 recommendation

reply to TheRogueX

Re: Run your own DNS people

said by TheRogueX:

Sadly, most people have no idea how to set up their routers, let alone a DNS server.

You shouldn't need to do anything with the router. All DNS queries are initiated from inside.

said by TheRogueX:

Hell, I work with computers every day and I'll be honest, I don't know how to do it.

There is a ton of DNS server software for windows. It's just another service. I have never done it on windows. I use Linux, where it is quite simple to install. From reading the link above, it seems quite easy on Windows as well.
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"



TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless
reply to zolcos

Re: 404?

said by zolcos:

DNS doesn't produce 404 errors. 404 is an HTTP error code and I doubt Mediacom is doing anything with them.

No one said DNS produced the 404 error. What ISPs are doing is redirecting your connection to their adverts when their DNS server can't find the "SITE" you requested, or when the "URL" you requested from a valid site returns a 404 error.

If the URL you requested doesn't resolve at all IE the site does not exist, the normal browser response should be "Server not found". If, on the other hand, the site exists but the page you requested is not found on the site then a 404 error is returned by the website, and your browser should return "Error 404, Object not found".

In both cases above, nefarious ISPs detect both errors and hijack your connection by poisoning DNS and sending you to their advert site.

Bob
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"


thedragonmas

join:2007-12-28
Albany, GA
kudos:1

its not "just" DNS so changing dns wont help

if any one bothered to read the thread »Mediacom redirect service-opted out, still hijacks searches.. youd see its not JUST dns redirection here. so changing the dns or running your own dns WONT help. its all so happening for genuine sites that just send a 404.

b10010011
Whats a Posting tag?

join:2004-09-07
Bellingham, WA

1 recommendation

Treewalk DNS

»ntcanuck.com/

Run it on one computer and set your router to that computers IP address as the first DNS server, then set something like Open-dns as the second and third

b10010011
Whats a Posting tag?

join:2004-09-07
Bellingham, WA

1 recommendation

reply to FFH5

Re: Run your own DNS people

You set your "run if the mill router" DNS server settings to the IP address of your DNS server, just like you set it now with your ISP's DNS server or OpenDNS

thedragonmas

join:2007-12-28
Albany, GA
kudos:1
reply to TamaraB

thedragonmas

join:2007-12-28
Albany, GA
kudos:1
reply to b10010011

Re: Treewalk DNS

said by b10010011:

»ntcanuck.com/

Run it on one computer and set your router to that computers IP address as the first DNS server, then set something like Open-dns as the second and third

for crying out loud, its not JUST the dns being affected here. »its not "just" DNS so changing dns wont help

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
reply to TamaraB

Re: 404?

I'd like to see your evidence that they're intercepting responses from webservers (ala 404 errors) and replacing them with an ad page.

Hijacking NXDOMAIN is one thing. Connecting to an existing webserver, asking for a document, and your ISP replacing the answer... That should be criminal -- but, sadly, isn't.


ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
reply to NotOpenDNS

Re: Use OpenDNS PEOPLE!!

if you don't think someone is gobbling up your dns requests your crazy.


ArrayList
netbus developer
Premium
join:2005-03-19
Brighton, MA
reply to cramer

Re: 404?

if they are doing DPI along with NXDOMAIN they could easily catch all the 404 pages and replace them with whatever they want.


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless
reply to cramer
said by cramer:

I'd like to see your evidence that they're intercepting responses from webservers (ala 404 errors) and replacing them with an ad page.

Well, the evidence lies in the Original article at the top of this thread:

" ..... redirection to direct people who mistype URLs to an ad-laden search portal instead of a 404 error

The ONLY way I know that this can happen (given that the web-server is the entity sending the 404) is with ISP installed DPI hardware seeing the web-server generated 404 error response, eating it, and sending an ISP-generated advert page instead.

In fact, if indeed customers are getting redirected on 404 errors, this is proof of the ISP using DPI. DPI is essentially a full-blown wiretap, and should require a subpoena!

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"



TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless
reply to thedragonmas

Re: Run your own DNS people

Right! It's not JUST NXDOMAIN poisoning, which breaks a lot of Internet software and should be banned on that account alone. It's also DPI, which is wiretapping, and should be banned on legal grounds; IE requires a subpoena.

The only way to circumvent this shit is to become as independent of your ISP as possible. In other words, use your ISP for connectivity and nothing more. Then they can't mess, monitor, or monetize you.
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"



Aoxxt

join:2010-12-13
Dearborn, MI
reply to inferno4

Re: Use OpenDNS PEOPLE!!

Google's dns service is less evil and more standards compliant than OpenDNS and thats saying something

8.8.8.8
8.8.4.4


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless
reply to thedragonmas

Re: Treewalk DNS

said by thedragonmas:

for crying out loud, its not JUST the dns being affected here. »its not "just" DNS so changing dns wont help

It wont help everything, but it will stop a lot of it! It will stop ALL redirections due to mis-typed site names.

Are you sugesting people should not take steps to mitigate at least some of this ISP abuse? Why? Perhaps you have a dog in this race? Maybe you are an advertiser? What's up?

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"



cline3621
Mr. Yuk is MEAN Mr. Yuk is GREEN
Premium
join:2006-06-14
Clarksville, TN

DNS Addresses

In my router, there are 3 different addresses I can set dns for.
1. 4.2.2.1
2. 4.2.2.2
3. 8.8.8.8
I have been using those for some time now, without issue.

Turbocpe
Premium
join:2001-12-22
IA
said by cline3621:

In my router, there are 3 different addresses I can set dns for.
1. 4.2.2.1
2. 4.2.2.2
3. 8.8.8.8
I have been using those for some time now, without issue.

Are you a Mediacom customer? Does not show that Mediacom serves Clarksville, TN.

This article is about Mediacom and using alternative DNS does not (or did not) resolve the issue.


corneliusnli

@sbcglobal.net
reply to FFH5

Re: Run your own DNS people

The way i do it (with a much smaller network) is BIND + DHCP server. DHCPD hand out IP addresses and the dns server to use and BIND handles the rest. I run a caching BIND server just to block ads and malware sites. so instead of downloading and maintaining multiple pieces of software, DNS blocks ad ~90% of ad sites.

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
reply to TamaraB

Re: 404?

The original thread doesn't present any *proof*. They are only describing what they are seeing. If the ISP is running a transparent proxy then they aren't messing with your connection to a foreign server. (you aren't connecting to the server you think you are. which is a different thing to bitch about.)

I'd love to look into it myself, but they aren't my ISP. If you want a URL to test, I'll give you one -- the server (my server) answers with a custom 404 page. (it has been for over a decade.)

Turbocpe
Premium
join:2001-12-22
IA
Well what proof do you expect? Mediacom customers (such as myself) have confirmed this. You're asking for proof besides what they see. What proof will satisfy you? Some of the people involved in the thread discussed are/were Mediacom technicians!

I have a few sites on a dedicated server. The sites with a custom 404 don't result in Mediacom providing their assistance page. Sites without a custom 404 return Mediacom's assistance page.

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
Packet captures of both sides. If the server is returning http status code 404 and not a 302 redirect to the error page, and they aren't messing with it, then there's a whole new set of questions about what the h*** they're doing.

In fact, just use telnet or netcat and watch the characters as you type them. (you'll have to be the web browser and web server in this experiment.)

(BTW, I didn't see anyone from mediacom fessing up to exactly what they're doing. Just several "it's fixed now" jedi-hand-waves.)

thedragonmas

join:2007-12-28
Albany, GA
kudos:1
reply to TamaraB

Re: Treewalk DNS

said by TamaraB:

said by thedragonmas:

for crying out loud, its not JUST the dns being affected here. »its not "just" DNS so changing dns wont help

It wont help everything, but it will stop a lot of it! It will stop ALL redirections due to mis-typed site names.

Are you sugesting people should not take steps to mitigate at least some of this ISP abuse? Why? Perhaps you have a dog in this race? Maybe you are an advertiser? What's up?

nice accusations there. and your wrong. my issue is people IMPLYING that changing their dns or running there own will magically fix all problems when the problem is clearly NOT just DNS and clearly DPI and THAT is the issue folks here are missing (apparantly) the outrage should be over the DPI interception of 404 pages for domains that DO exist. that should NEVER happen.

sure changing dns is a good idea, i personally have google as primary, opendns as secondary, and mediacoms as tertiary.

ofcourse open dns does the same crap with domain redirection for NX_DOMAIN instead of returning a simple "site not found" and yes changing dns will solve that problem, but it wont solve the REAL problem here of mediacom doing DPI and intercepting 404's for VALID domains.

EDIT: and yes im against domain interception, it breaks programs. i.e. site monitoring programs etc.