[ Express] Workarounds for Rogers' web hijacking in Rogers

[ Express] Workarounds for Rogers' web hijacking in Rogers http://www.dslreports.com/forum/r20354829 en Sun, 06 Dec 2009 13:02:12 EDT Sun, 06 Dec 2009 13:02:12 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20450895 elwoodblues : Fast is an understatement. I make a DNS change for work, and within minutes those Namservers are already updated.

This allows me to RDP home to test my changes]]> http://www.dslreports.com/forum/remark,20450895 Thu, 08 May 2008 11:04:00 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20450333 RandomZero : yep, confirmed that dns doesn't do anything for this :(

Also, that 64.* ip address apparently does nothing.

I've added it and the dns to my hosts file as well as peer guardian and I'm still recieving the alerts.

Upon further testing (adding double spaces in my hosts file and browsing around different websites for the past 15 or so minutes), I've discovered I've yet to recieve another popup... Perhaps this does work? And you don't even have to refresh anything, it just doesn't display anything..]]> http://www.dslreports.com/forum/remark,20450333 Thu, 08 May 2008 08:52:12 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20389533 anon : Nah, billing cycle is on the 10th of the month and i started noticing this change immediately after upgrading.
Still no popup btw. after quite a few hours.]]> http://www.dslreports.com/forum/remark,20389533 Sat, 26 Apr 2008 00:50:41 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20389212 anon : Maybe you just simply went into a new billing cycle. go to rogers.com and check your current usage. As long as it's below 75% for the current billing cycle, you won't see anything. Otherwise, the ip blocking is the most effective way.]]> http://www.dslreports.com/forum/remark,20389212 Fri, 25 Apr 2008 23:28:06 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20387814 anon : Something weird happening here but maybe good. Could be a coincidence but...

I've updated my XP OS to sp3 and so far, no injection popup.
I still use FF and have Adblock running but Adblock shows the dreaded Roger-Dodgers ip in the "blocked list" in red txt.
The red txt is not even appearing in the list.
I'm going through my bookmarks and refreshing pages that usually would be affected by now but nothing.

I'll post results later as well as maybe it's a fluke.

Or...maybe some weird coincidence has occurred that within sp3, there has been a security issue addressed that is similar to the tech rogers is using to inject this mess.]]> http://www.dslreports.com/forum/remark,20387814 Fri, 25 Apr 2008 18:34:24 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20387029 anon : One thing i have noticed about this popup is that it has NEVER popped up in my case when refreshing dslreports.com or the "Startup/Homepage" for Firefox with Google search engine.

....interesting..]]> http://www.dslreports.com/forum/remark,20387029 Fri, 25 Apr 2008 16:14:41 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20387007 anon : Agreed StuckWithRogers.
I already have the ip blocked(FF with Adblock)and I am constantly hitting Refresh. I would just like to get around that popup altogether.]]> http://www.dslreports.com/forum/remark,20387007 Fri, 25 Apr 2008 16:11:22 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20386683 anon : I don't believe redirecting your DNS lookup will do anything. Rogers is performing a man-in-the-middle attack. Regardless of whose server you did the DNS lookup at, rogers will still hi-jack any unencrypted HTTP traffic, and inject their code mid-transit. The best solution is blocking all traffic to/from 64.71.251.10 and hitting refresh everytime you get a blank page.

Acknowledging those messages to me, would be like agreeing with their ridiculous cap (which I don't) so I would NEVER acknowledge that message even to make it go away. Too bad rogers has a monopoly in my neighborhood, else I'd have switched to teksavvy in a heartbeat.]]> http://www.dslreports.com/forum/remark,20386683 Fri, 25 Apr 2008 15:20:34 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20386295 anon : K, guys thanx for the replies. So, i went into my Linksys router and it says to sign up @ DynDNS.org.
Did that. Saved settings but i still get the pop up.
Forgive me noobness :p.

Anything I'm missing?]]> http://www.dslreports.com/forum/remark,20386295 Fri, 25 Apr 2008 14:14:13 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20384180 RandomZero :

said by Rogers user :

To change your DNS in Windows, go to Control Panel, double click Network Connections, right click on Local Area Connection, select Properties, then Internet Protocol TCP/IP , select properties, change the DNS servers.

yep.

If you're using a router then it might be easier to set the DNS in the router so any pc you connect will use it.]]> http://www.dslreports.com/forum/remark,20384180 Fri, 25 Apr 2008 07:49:27 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20384068 anon : To change your DNS in Windows, go to Control Panel, double click Network Connections, right click on Local Area Connection, select Properties, then Internet Protocol TCP/IP , select properties, change the DNS servers.]]> http://www.dslreports.com/forum/remark,20384068 Fri, 25 Apr 2008 06:34:23 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20379677 anon :

said by RandomZero :
The best and easiest way is to use 4.2.2.1/2/3/4 as your DNS servers.

They're fast, never go down, and I'm pretty sure they're corporate.

OK :huh:
Can someone please give a quick rundown what this means and how i can implement it.
As of right now, I'm using FF with "Adblock". I don't see the popup but i still have to hit "Refresh" often.
Does this "DNS redirect" avoid the popup altogether?

TIA]]> http://www.dslreports.com/forum/remark,20379677 Thu, 24 Apr 2008 12:54:09 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20370065 mordin :

said by gurn :

you can opt out of seeing the notifications

Only for the current billing cycle. Once you start the next billing cycle the messages will come back until you opt out again. So you'll have to 'opt out' once a month.
--
Intel P4 2.8 800 fsb, Asus P4P800 w/1GB PC3200 DDR RAM, 512 MB GeForce 7600GT, SB Audigy Gamer, DVD-Rom/CD-R Burner & LG Duel layer DVD Burner, 320 & 120 GB Internal & 2x 250 & 2x 500 GB External hard drives & Samsung 226BW 22" LCD Monitor]]> http://www.dslreports.com/forum/remark,20370065 Tue, 22 Apr 2008 17:59:17 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20369588 Pegasys66 :

said by Nemo888

:

Now that Teksavvy and third parties are being throttled this is the best deal in Canada.

You are really funny...
Now that Bell has imposed throttling on independant
ISPs, Rogers' own offerings look better in comparison.
Do you also torture puppies?
--
"I do not agree with what Sympatico is doing, but I will fight to the death for their right to do it to their own users."
And leave us alone!!!]]> http://www.dslreports.com/forum/remark,20369588 Tue, 22 Apr 2008 16:28:36 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20369365 anon : how?]]> http://www.dslreports.com/forum/remark,20369365 Tue, 22 Apr 2008 15:44:29 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20366387 anon : you can opt out of seeing the notifications]]> http://www.dslreports.com/forum/remark,20366387 Tue, 22 Apr 2008 00:30:48 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20366352 mordin :

said by Nemo888

:

Compared to throttling which was pure hell this is awesome. Now that Teksavvy and third parties are being throttled this is the best deal in Canada.

But Rogers still has throttling - even with caps, overage charges & warning banners. If your Rogers area is suffering throttling it's a 24/7 thing. Bell is throttling it's customers & 3rd party resellers during prime time only - roughly between 5 - 12pm.
--
Intel P4 2.8 800 fsb, Asus P4P800 w/1GB PC3200 DDR RAM, 512 MB GeForce 7600GT, SB Audigy Gamer, DVD-Rom/CD-R Burner & LG Duel layer DVD Burner, 320 & 120 GB Internal & 2x 250 & 2x 500 GB External hard drives & Samsung 226BW 22" LCD Monitor]]> http://www.dslreports.com/forum/remark,20366352 Tue, 22 Apr 2008 00:21:55 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20366111 Nemo888 : What is the big deal? I like the 75%/100% messages(hit 75% yesterday, hit acknoledge, done. No more messages till 100%) If you want just check "Do Not Send These Messages" instead of acknoledge and you never get one again. What a whiny over reaction.

I think 95GB a month is fair for the price and I don't want to go over. Compared to throttling which was pure hell this is awesome. Now that Teksavvy and third parties are being throttled this is the best deal in Canada.]]> http://www.dslreports.com/forum/remark,20366111 Mon, 21 Apr 2008 23:24:17 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20364137 anon : There is another good workaround on this problem:

everybody sends email and calls their helpdesk everyday until they give up. Otherwise, we will jam their mailbox and lines. After all, we are customers who are asking reasonable questions. It's our rights. :D]]> http://www.dslreports.com/forum/remark,20364137 Mon, 21 Apr 2008 16:55:52 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20361723 twizlar : OrgName: Level 3 Communications, Inc.
OrgID: LVLT
Address: 1025 Eldorado Blvd.
City: Broomfield
StateProv: CO
PostalCode: 80021
Country: US

NetRange: 4.0.0.0 - 4.255.255.255
CIDR: 4.0.0.0/8
NetName: LVLT-ORG-4-8
NetHandle: NET-4-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: NS1.LEVEL3.NET
NameServer: NS2.LEVEL3.NET
Comment:
RegDate:
Updated: 2004-06-04
--
Broadline Networks Inc.]]> http://www.dslreports.com/forum/remark,20361723 Mon, 21 Apr 2008 08:07:29 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20361575 RandomZero :

said by twizlar

:

Those are the Level3 open dns servers in chicago.

I heard they were verizon. Can't remmeber where I heard it though.]]> http://www.dslreports.com/forum/remark,20361575 Mon, 21 Apr 2008 06:48:54 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20360288 anon : there is a way to opt out of seeing them all together.]]> http://www.dslreports.com/forum/remark,20360288 Sun, 20 Apr 2008 21:05:14 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20359582 clewis4u91 : I have not seen a single one of these web page notifications. I've even switched my DNS servers back and still nothing. I know for a fact that I've gone over the limit this month, so meh, guess I won't have to worry about seeing them anyways.]]> http://www.dslreports.com/forum/remark,20359582 Sun, 20 Apr 2008 18:04:43 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20358392 twizlar : Those are the Level3 open dns servers in chicago.
--
Broadline Networks Inc.]]> http://www.dslreports.com/forum/remark,20358392 Sun, 20 Apr 2008 12:28:54 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20357643 Robrr : I've also got my DNS pointed there as well.]]> http://www.dslreports.com/forum/remark,20357643 Sun, 20 Apr 2008 06:37:49 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20357589 RandomZero : The best and easiest way is to use 4.2.2.1/2/3/4 as your DNS servers.

They're fast, never go down, and I'm pretty sure they're corporate.]]> http://www.dslreports.com/forum/remark,20357589 Sun, 20 Apr 2008 04:53:17 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20357112 Robrr : I'm stuck with IE, other people in my house dont like when I change stuff to make it better.]]> http://www.dslreports.com/forum/remark,20357112 Sun, 20 Apr 2008 00:07:23 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20355533 buttaknife : I use Firefox, NoScript and OpenDNS and I haven't seen it yet, not even a pop up block.]]> http://www.dslreports.com/forum/remark,20355533 Sat, 19 Apr 2008 17:26:47 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20355471 Stewy : what browsers are you using, I have firefox with flashblock and Norton 360 and I haven't seen the rogers grayware popups.

»en.wikipedia.org/wiki/Malware#Grayware]]> http://www.dslreports.com/forum/remark,20355471 Sat, 19 Apr 2008 17:11:40 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20355414 anon : for sure. they are coming from the same server, both the 75% and 100% notification. Cheers!]]> http://www.dslreports.com/forum/remark,20355414 Sat, 19 Apr 2008 16:54:20 EDT Re: [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20355364 Robrr : Hey thats good to hear...I punched the IP in on my router's firewall so that should stop or at least slow down all the junk coming from them :D

Hmm I wonder if it will stop there little bit that pops up when you get to 75% of your usage for the month.]]> http://www.dslreports.com/forum/remark,20355364 Sat, 19 Apr 2008 16:39:40 EDT [ Express] Workarounds for Rogers' web hijacking http://www.dslreports.com/forum/remark,20354829 anon : I have found a few ways to filter out the annoying Rogers hijacking notification on the top of our browsers:

1. The Best and easiest way. Rule Based Firewall. Block anything to 64.71.251.10.It's the rogers' hijacking server. Tested with built-in Vista firewall fine and Norton 360.
2. Personal proxy server. filter out url: »64.71.251.10/ByteCap-100-ES-English/index.js
(Not sure if they have French link, use a sniffer to find out) OR simply fileter out IP if your proxy has such feature.
3. Anti-adware.Not the normal one, but proxy based, such as freeware adscraper. It's slow and affects other web site view though.

Con: since rogers hijack your page and try to redirect you to their url from time to time, you will see a blank page with "done" at the bottom. Just hit refresh once or twice.]]> http://www.dslreports.com/forum/remark,20354829 Sat, 19 Apr 2008 14:27:26 EDT