dslreports logo
site
spacer

spacer
 
   
spc
story category
Mediacom Users Struggle To Opt Out Of DNS Redirection Ads
Opt In, Then Opt Out -- Just To Opt Out...
by Karl Bode 08:40AM Friday Feb 04 2011 Tipped by burner50 See Profile
Like many ISPs, cable operator Mediacom is now using DNS redirection to direct people who mistype URLs to a an ad-laden search portal instead of a 404 error -- as a way to generate additional revenue. Also like many ISPs, our users are noting that Mediacom's opt-out for this service doesn't really work, with users still getting the Mediacom ads even after clearly saying they'd like not to. Interestingly, this has been happening for Google search bar results whether or not users use a third party DNS service like OpenDNS -- suggesting the company is tinkering with additional layers of deep packet inspection technology (recall Windstream struggled with bugs with this technology and hijacked Firefox search bar results). Mediacom says the company has fixed the problem, and that users need to opt in to DNS redirection ads -- then opt back out again -- in order to actually opt out. If you're a Mediacom customer, can you drop us a line and let us know if that's working for you?

view:
topics flat nest 

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1

Run your own DNS people

It stops this BS as well as some ISP tracking!

inferno4

join:2008-07-06

Use OpenDNS PEOPLE!!

Wish people would stop complaining about their DNS and just use OpenDNS!

208.67.222.222
208.67.220.220
ISurfTooMuch

join:2007-04-23
Tuscaloosa, AL

Re: Use OpenDNS PEOPLE!!

Using OpenDNS will only help with the DNS redirection. If they're using DPI, you're SOL.

Now, if you run your own DNS servers, you might be in a better position, since your query would be answered before it leaves your local network.

Karl Bode
News Guy
join:2000-03-02
kudos:42

Re: Use OpenDNS PEOPLE!!

Correct, as the users note -- this stuff is working whether or not they use third-party DNS alternatives.

NotOpenDNS

@myvzw.com
You're seriously recommending OpenDNS on a thread regarding invasive DPI and NXDOMAIN poisoning?

You're replacing one evil with an even larger evil -- OpenDNS happily gorges themselves on the demographic information you freely slap against their resolvers. The solution is to indeed run your own DNS server pointed at roothints and not rely on any "free" DNS service or sadly, your own ISPs.

Have you read OpenDNS's privacy policy; »www.opendns.com/privacy/

"Statistics are not personally identifiable but are correlated to your IP address and your account if you have signed up for one. OpenDNS uses Statistics to provide you with the DNS service and for internal analysis."

"In addition, OpenDNS also collects potentially personally-identifying information like the Internet Protocol (IP) addresses from which DNS requests are made. For its DNS services, OpenDNS temporarily stores logs to monitor and improve our quality of service, and to collect high-level aggregate Statistics."

Before you recommend a service spend some time reading exactly what you collect. You may find you've simply traded one privacy invasive technology for another. OpenDNS is doing what many of the ISP resolvers are now doing -- profiting from your data.

Finally, Karl, thank you for tying this back into Windstream, it's good that you've done this so people don't forget just how heinous their acts were and how evasive they were in admitting they were doing DPI.

ArrayList
DevOps
Premium
join:2005-03-19
Brighton, MA

Re: Use OpenDNS PEOPLE!!

if you don't think someone is gobbling up your dns requests your crazy.

Aoxxt

join:2010-12-13
Dearborn, MI
Google's dns service is less evil and more standards compliant than OpenDNS and thats saying something

8.8.8.8
8.8.4.4

FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5

Re: Run your own DNS people

said by TamaraB:

Run your own DNS people
It stops this BS as well as some ISP tracking!

Ok. Now how do you set that up for a run of the mill retail wireless router that 90% of the users will be using? And who have smartphones, xboxes, Wiis, iPads, etc using Wifi to access the Internet and not just a desktop or laptop?

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless

2 recommendations

Re: Run your own DNS people

said by FFH5:

Ok. Now how do you set that up for a run of the mill retail wireless router that 90% of the users will be using? And who have smartphones ....

You can't run a DNS server on any phone I know of, however, most can connect to the Internet via VPN. What I do on my iPhone is run it through my off-shore VPN. That cures all these nefarious ills.

On my laptop and on my netbook, I simply run Bind9.

To circumvent e-mail snooping, I use DynDns to ID my box wherever and whatever I am connected to, and run postfix to deliver and pick up my email.

The ONLY way around all this ISP bullshit is to use them as the dumb pipe they really are. If you use your ISP this way, all they see is an encrypted data-stream immune to DPI, port blocking, DNS-Redirection, and usage-logging. The very slight speed hit is worth the added security and privacy.

It works perfectly fine for me, and I feel comfortable that my ISP knows nothing about my activities, nor can they "manage" me in any way. It's called NET-NEUTRALITY, and FREEDOM, and is technically available today if you want to do the leg work to implement it.

Bob
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"

b10010011
Whats a Posting tag?

join:2004-09-07
Bellingham, WA

1 recommendation

You set your "run if the mill router" DNS server settings to the IP address of your DNS server, just like you set it now with your ISP's DNS server or OpenDNS

corneliusnli

@sbcglobal.net
The way i do it (with a much smaller network) is BIND + DHCP server. DHCPD hand out IP addresses and the dns server to use and BIND handles the rest. I run a caching BIND server just to block ads and malware sites. so instead of downloading and maintaining multiple pieces of software, DNS blocks ad ~90% of ad sites.
thedragonmas

join:2007-12-28
Albany, GA
kudos:1

Re: Run your own DNS people

said by corneliusnli :

The way i do it (with a much smaller network) is BIND + DHCP server. DHCPD hand out IP addresses and the dns server to use and BIND handles the rest. I run a caching BIND server just to block ads and malware sites. so instead of downloading and maintaining multiple pieces of software, DNS blocks ad ~90% of ad sites.

does that block intercepted 404 errors? as in a real valid domain name, but you goofed on a page name and youd NORMALLY get a 404 from the site. in this case (and what most people seem to be missing here) is that thats what happens as well. changing dns will solve "some" of it. but in this case you could have a valid site, but a goofed page i.e. »/thispageainth ··· ere.html you SHOULD get a 404 since dslreports obviously exists, what users are reporting is you DONT get a 404, instead your getting the mediacom redirect.

yes, people should be angry over dns redirection, its a nasty "feature" that breaks some programs. but they should be just as angry or MORE SO that valid domains are getting intercepted for page 404's
TheRogueX

join:2003-03-26
Springfield, MO
Sadly, most people have no idea how to set up their routers, let alone a DNS server. Hell, I work with computers every day and I'll be honest, I don't know how to do it.

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless

1 recommendation

Re: Run your own DNS people

said by TheRogueX:

Sadly, most people have no idea how to set up their routers, let alone a DNS server.

You shouldn't need to do anything with the router. All DNS queries are initiated from inside.

said by TheRogueX:

Hell, I work with computers every day and I'll be honest, I don't know how to do it.

There is a ton of DNS server software for windows. It's just another service. I have never done it on windows. I use Linux, where it is quite simple to install. From reading the link above, it seems quite easy on Windows as well.
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"

thedragonmas

join:2007-12-28
Albany, GA
kudos:1
»its not "just" DNS so changing dns wont help

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless

Re: Run your own DNS people

Right! It's not JUST NXDOMAIN poisoning, which breaks a lot of Internet software and should be banned on that account alone. It's also DPI, which is wiretapping, and should be banned on legal grounds; IE requires a subpoena.

The only way to circumvent this shit is to become as independent of your ISP as possible. In other words, use your ISP for connectivity and nothing more. Then they can't mess, monitor, or monetize you.
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"


Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
kudos:13

1 edit
When the cable company first gave me this POS SMC router it did just this! (An invalid typed URL would goto a search page by this ISP)

I HAD A HELL OF A TIME CHANGING THE DNS SETTINGS!!!! (It wouldnt use the new ones i put in)

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless

Re:  

said by Dude111:

When the cable company first gave me this POS SMC router it did just this! (An invalid typed URL would goto a search page by this ISP)

»www.wsearch.net

I HAD A HELL OF A TIME CHANGING THE DNS SETTINGS!!!! (It wouldnt use the new ones i put in)

Forget about the router settings. Running your own DNS makes you independent of router as well as ISP settings.

When you connect to a router/Access Point, set up your PC's network settings to obtain an ADDRESS ONLY from DHCP. Then point your network DNS settings to localhost if you have a dns server running, or to a non-isp dns server if you don't.

Bob

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"

zolcos

join:2010-05-19
Houghton, MI

404?

cable operator Mediacom is now using DNS redirection to direct people who mistype URLs to a an ad-laden search portal instead of a 404 error
DNS doesn't produce 404 errors. 404 is an HTTP error code and I doubt Mediacom is doing anything with them.

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless

Re: 404?

said by zolcos:

DNS doesn't produce 404 errors. 404 is an HTTP error code and I doubt Mediacom is doing anything with them.

No one said DNS produced the 404 error. What ISPs are doing is redirecting your connection to their adverts when their DNS server can't find the "SITE" you requested, or when the "URL" you requested from a valid site returns a 404 error.

If the URL you requested doesn't resolve at all IE the site does not exist, the normal browser response should be "Server not found". If, on the other hand, the site exists but the page you requested is not found on the site then a 404 error is returned by the website, and your browser should return "Error 404, Object not found".

In both cases above, nefarious ISPs detect both errors and hijack your connection by poisoning DNS and sending you to their advert site.

Bob
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9

Re: 404?

I'd like to see your evidence that they're intercepting responses from webservers (ala 404 errors) and replacing them with an ad page.

Hijacking NXDOMAIN is one thing. Connecting to an existing webserver, asking for a document, and your ISP replacing the answer... That should be criminal -- but, sadly, isn't.

ArrayList
DevOps
Premium
join:2005-03-19
Brighton, MA

Re: 404?

if they are doing DPI along with NXDOMAIN they could easily catch all the 404 pages and replace them with whatever they want.

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
said by cramer:

I'd like to see your evidence that they're intercepting responses from webservers (ala 404 errors) and replacing them with an ad page.

Well, the evidence lies in the Original article at the top of this thread:

" ..... redirection to direct people who mistype URLs to an ad-laden search portal instead of a 404 error

The ONLY way I know that this can happen (given that the web-server is the entity sending the 404) is with ISP installed DPI hardware seeing the web-server generated 404 error response, eating it, and sending an ISP-generated advert page instead.

In fact, if indeed customers are getting redirected on 404 errors, this is proof of the ISP using DPI. DPI is essentially a full-blown wiretap, and should require a subpoena!

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9

Re: 404?

The original thread doesn't present any *proof*. They are only describing what they are seeing. If the ISP is running a transparent proxy then they aren't messing with your connection to a foreign server. (you aren't connecting to the server you think you are. which is a different thing to bitch about.)

I'd love to look into it myself, but they aren't my ISP. If you want a URL to test, I'll give you one -- the server (my server) answers with a custom 404 page. (it has been for over a decade.)
Turbocpe
Premium
join:2001-12-22
IA

Re: 404?

Well what proof do you expect? Mediacom customers (such as myself) have confirmed this. You're asking for proof besides what they see. What proof will satisfy you? Some of the people involved in the thread discussed are/were Mediacom technicians!

I have a few sites on a dedicated server. The sites with a custom 404 don't result in Mediacom providing their assistance page. Sites without a custom 404 return Mediacom's assistance page.
cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9

Re: 404?

Packet captures of both sides. If the server is returning http status code 404 and not a 302 redirect to the error page, and they aren't messing with it, then there's a whole new set of questions about what the h*** they're doing.

In fact, just use telnet or netcat and watch the characters as you type them. (you'll have to be the web browser and web server in this experiment.)

(BTW, I didn't see anyone from mediacom fessing up to exactly what they're doing. Just several "it's fixed now" jedi-hand-waves.)
Turbocpe
Premium
join:2001-12-22
IA

Re: 404?

Unfortunately that is getting above my skill level. But I'd be willing to entertain it if I had some guidance.

As far as anyone from Mediacom fessing up on it, I doubt it. I meant that a few Mediacom employees in the thread - who aren't advertised as employees but those who have been in the Mediacom forum do know - have confirmed the results that we customers have seen.
thedragonmas

join:2007-12-28
Albany, GA
kudos:1

its not "just" DNS so changing dns wont help

if any one bothered to read the thread »Mediacom redirect service-opted out, still hijacks searches.. youd see its not JUST dns redirection here. so changing the dns or running your own dns WONT help. its all so happening for genuine sites that just send a 404.
b10010011
Whats a Posting tag?

join:2004-09-07
Bellingham, WA

1 recommendation

Treewalk DNS

»ntcanuck.com/

Run it on one computer and set your router to that computers IP address as the first DNS server, then set something like Open-dns as the second and third
thedragonmas

join:2007-12-28
Albany, GA
kudos:1

Re: Treewalk DNS

said by b10010011:

»ntcanuck.com/

Run it on one computer and set your router to that computers IP address as the first DNS server, then set something like Open-dns as the second and third

for crying out loud, its not JUST the dns being affected here. »its not "just" DNS so changing dns wont help

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless

Re: Treewalk DNS

said by thedragonmas:

for crying out loud, its not JUST the dns being affected here. »its not "just" DNS so changing dns wont help

It wont help everything, but it will stop a lot of it! It will stop ALL redirections due to mis-typed site names.

Are you sugesting people should not take steps to mitigate at least some of this ISP abuse? Why? Perhaps you have a dog in this race? Maybe you are an advertiser? What's up?

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"

thedragonmas

join:2007-12-28
Albany, GA
kudos:1

Re: Treewalk DNS

said by TamaraB:

said by thedragonmas:

for crying out loud, its not JUST the dns being affected here. »its not "just" DNS so changing dns wont help

It wont help everything, but it will stop a lot of it! It will stop ALL redirections due to mis-typed site names.

Are you sugesting people should not take steps to mitigate at least some of this ISP abuse? Why? Perhaps you have a dog in this race? Maybe you are an advertiser? What's up?

nice accusations there. and your wrong. my issue is people IMPLYING that changing their dns or running there own will magically fix all problems when the problem is clearly NOT just DNS and clearly DPI and THAT is the issue folks here are missing (apparantly) the outrage should be over the DPI interception of 404 pages for domains that DO exist. that should NEVER happen.

sure changing dns is a good idea, i personally have google as primary, opendns as secondary, and mediacoms as tertiary.

ofcourse open dns does the same crap with domain redirection for NX_DOMAIN instead of returning a simple "site not found" and yes changing dns will solve that problem, but it wont solve the REAL problem here of mediacom doing DPI and intercepting 404's for VALID domains.

EDIT: and yes im against domain interception, it breaks programs. i.e. site monitoring programs etc.

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless

Re: Treewalk DNS

said by thedragonmas:

.... the problem is clearly NOT just DNS and clearly DPI and THAT is the issue folks here are missing (apparantly) the outrage should be over the DPI interception of 404 pages for domains that DO exist. that should NEVER happen.

The fundamental issue here, at it's core, is financial greed. It's the monetizing of your use of the internet. These practices are being carried out by the blatant violation of the very RFC's which make the Internet work. The most egregious of these abuses is the breaking of the DNS system.

DNS is the most fundamental and the most critical component of the entire network, second only to access itself. It's the one Internet service which needs to be kept absolutely free of corruption, because it is the one service which is most vulnerable to abuse. DNS is abused by governments and by corporations to censor content. It is abused by corporations to drive traffic to their own services and by blocking access to competitors.

Think about it. If you were to dial an invalid number on your phone and instead of getting an error tone/message, or a busy signal, you got an advert from your phone company -- wouldn't you conclude that your phone company was broken? What if every business you called on your phone was recorded and stored, and then you received "targeted" cold-calls from phone spammers? Wouldn't you conclude that you were being illegally abused?

The Internet is rapidly replacing much of what we used to do by more traditional means (phone, mail, face-to-face encounters), and needs to be given the same protections those forms had in the past.

said by thedragonmas:

sure changing dns is a good idea, i personally have google as primary, opendns as secondary, and mediacoms as tertiary.

This does nothing to mitigate the problem. All you are doing is transferring control from one abuser to another. DNS services from Google and OpenDNS are far worse offenders when it comes to privacy. They scrape up and sell data from a very wide range of users across practically every ISP on the planet, and as you have said "open dns does the same crap with domain redirection". How long before Google redirects requests for picture services to their own sites? You have gained nothing by switching from one abusive service to another.

The only way to avoid this is to query the root servers directly, and you can only do that if you run your own DNS.

said by thedragonmas:

... and yes changing running your own dns will solve that problem, but it wont solve the REAL problem here of mediacom doing DPI and intercepting 404's for VALID domains.

This is why I have stated several times upthread, that the only way to circumvent ALL these abusive ISP and other greedy corporate practices, is to run your connection through a VPN in addition to running your own DNS.

I use an $8.00/Mo off-shore VPN service (my service does not keep logs), plus I run my own DNS and email. This insulates me from all spying, redirections, and port-blocks.

As with everything else on the Internet, if you rely on the tender mercies of government or corporations to protect you, you are so screwed! If you want a free and open Internet, you basically have to do it yourself. Running your own DNS is a big first step.

Bob
--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"


cline3621
Mr. Yuk is MEAN Mr. Yuk is GREEN
Premium
join:2006-06-14
Clarksville, TN

DNS Addresses

In my router, there are 3 different addresses I can set dns for.
1. 4.2.2.1
2. 4.2.2.2
3. 8.8.8.8
I have been using those for some time now, without issue.
Turbocpe
Premium
join:2001-12-22
IA

Re: DNS Addresses

said by cline3621:

In my router, there are 3 different addresses I can set dns for.
1. 4.2.2.1
2. 4.2.2.2
3. 8.8.8.8
I have been using those for some time now, without issue.

Are you a Mediacom customer? Does not show that Mediacom serves Clarksville, TN.

This article is about Mediacom and using alternative DNS does not (or did not) resolve the issue.

Anonymous
Premium
join:2004-06-01
IA
kudos:2

Not DNS related

I have never used Mediacom DNS due to outages and poor performance. I either use Level 3 or Google DNS. I got the hijack and opted out. I guess I was one of the few that were lucky because it actually worked.
--
I speak for myself, not my employer.

Thran

join:2002-01-05
Hibbing, MN

media com redirction

I have media com and if you mistype an address, it brings to you the page to make a choice of what you were looking for. sadly none of the main listings are what you want. On the right side of page is the best possible address. Click them and it just brings up more wrong choice. So its a pain in @$$.