aefstoggaflmOpen Source Fan Premium Member join:2002-03-04 Bethlehem, PA Linksys E4200 ARRIS SB6141
|
Not acceptable behaivor by Charter CommunicationsAs address in Security Now! with Steve Gibson, Episode 158 for August 21, 2008: Listener Feedback #48Charter Communications, is intercepting DNS request and making it (the DNS request) go through their DNS Servers (Charter Communications). And to make matters worse, Someone used the DoxPara test page and they found their DNS server was vulnerable to DNS cache poisoning, with all the requests being sent out over a single port. Thanks a lot Charter Communications! |
|
|
I Think it should Go here » Charter Spectrum |
|
lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
to aefstoggaflm
Moved in from Security at OP request. |
|
|
to aefstoggaflm
If true, that certainly is unacceptable. If not for the fact that his test at DoxPara failed, I'd say it was an attempt by Charter to prevent that DNS cache poisoning problem. Noble, but misguided.
Since it did fail the test, I can only assume they would do this because they *really* want traffic on their error search engine (which no doubt is full of paid listings).
Truly unacceptable, unsafe and incompetant behavior. |
|
RocketJeff Premium Member join:2008-08-20 Birmingham, AL |
to aefstoggaflm
I just checked and my DNS queries are still going through OpenDNS. My guess is that this is part of the Charter's trial of targeted ads and the sale of the data to NebuAd. The New York Times has information about this at: » bits.blogs.nytimes.com/2 ··· get-ads/I'd guess that I'm still able to use OpenDNS since I'm not in one of the trial areas (Fort Worth, Texas; San Luis Obispo, Calif.; Oxford, Mass.; and Newtown, Conn). I'm relatively satisfied with Charter's internet service - this would definitely make me look at all of the other alternatives if they implement it here. |
|
|
|
to aefstoggaflm
|
|
aefstoggaflmOpen Source Fan Premium Member join:2002-03-04 Bethlehem, PA Linksys E4200 ARRIS SB6141
|
Thanks for that link, but this is worse than just that issue as addressed in that thread. If you did not read that episode and (or) listen to it: The user set the DNS Servers to OpenDNS on their (computer and) router, but Charter Communications does not allow them to use the DNS Servers set on the (computer and) router. While my ISP is not Charter Communications, this really has got me annoyed. An ISP can watch the DNS traffic all they want, is one thing... ..but altering it like that, Has gone to far. |
|
|
blahmeh
Anon
2008-Aug-23 2:57 pm
They did the same thing with TV, its their media now to do what they want with. If they want to sell your url history, redirect you, DPI, replace competitors ads, hijack websites its all far game. |
|
|
to aefstoggaflm
said by aefstoggaflm:While my ISP is not Charter Communications, this really has got me annoyed. An ISP can watch the DNS traffic all they want, is one thing... ..but altering it like that, Has gone to far. Nobody forces anyone to use their DNS servers. And Charter was was pretty much the the last of the major cable ISPs to implement this is some of their markets. In other words, Charter is such small potatoes compared to the real cable giants. |
|
MacLeechThe one and only Premium Member join:2001-07-14 SoCal 4 edits |
to aefstoggaflm
said by article linked by OP :
Let's move on to Question 7, Bill Richardson - former governor of New Mexico? No no no no, he's in Fort Worth, Texas - was surprised by the results of his sleuthing. He says: Hi, guys. I've been a faithful listener for almost two years, enjoy the show and look forward to it every week. Thanks for an informative, insightful, deep dive into security. On with the story. Long ago I changed my static DNS entries in my Linksys home wireless to the IP addresses of OpenDNS - something I do also. So during the recent discussions of DNS vulnerability I thought I had little to worry about.
However, the other day I fat-fingered a web request and got a Charter Communications "not found" result page. Wait a minute. Confused by this, I began to research. My router settings had not changed, and my client machine's IP config showed DNS set to the router IP and the two IP addresses of OpenDNS. Yet when I went to the DoxPara test page I found my DNS server was vulnerable to DNS cache poisoning, with all the requests being sent out over a single port. So is there anyone from Ft Worth, TX that can backup this claim that Charter is actually intercepting DNS requests sent to other DNS servers? Charter certainly does not intercept my DNS requests to other servers and my local Charter DNS servers are secure to this recent threat as well. |
|