dslreports logo
site
spacer

spacer
 
   
spc
story category
Mediacom DNS Ad Opt Out System Still Doesn't Work
Opt Out, Opt Out, Then Opt Out Again for Good Measure
by Karl Bode 12:20PM Thursday Mar 24 2011 Tipped by fatness See Profile
Over the last couple of months Mediacom has aggressively been deploying new advertising systems. Unfortunately for users, they're not doing a very good job of it. First the company deployed new DNS redirection ads with a broken opt-out system that couldn't be avoided even if you used an alternative DNS provider. Then we broke the story of how the company had started experimenting with javascript injection of their own ads into other websites, something the company refused to comment on. Mediacom has stopped the latter after our story made national headlines, but users in our Mediacom forum say that the company's DNS redirection ad opt out system still doesn't work.

Click for full size
DNS redirection provides ISPs with additional revenue by redirecting users to an ISP-run portal with ads instead of the normal 404 page. This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.

Users who previously opted out of the "service" say it is magically and repeatedly re-enabled. Some users say they've tried to opt out of the service more than a dozen times. For the last month or two Mediacom support reps have been telling users to opt in, then opt out again to make the settings "stick." None of this has worked, and users in our forums have taken to recording videos of the opt out system not working -- repeatedly -- in some hope that Mediacom resolves the issue. Mediacom continues to inform users they're looking into the problems.

Combined with the company's experimentation with Javascript site content hijacking -- it's become fairly clear that Mediacom was so smitten with potential ad revenue, they didn't fully test these systems before foisting them on their customers.

view:
topics flat nest 
nweaver

join:2010-01-13
Napa, CA

Can someone using Mediacom please run Netalyzr?

Can someone using mediacom please run Netalyzr »netalyzr.net and post the result link?

Tehrasha

join:2004-12-15
Vinton, IA

1 edit

Re: Can someone using Mediacom please run Netalyzr?

»n1.netalyzr.icsi.berkeley.edu/su···cda-a5f6

I should mention, that I am not using MC DNS, and have not seen any MC redirecting.
nweaver

join:2010-01-13
Napa, CA

Re: Can someone using Mediacom please run Netalyzr?

Thanks. Its clear that they aren't intercepting DNS traffic in your case, at least from Google public DNS or a semantic enforcing mandatory proxy.

You have your computer configured to use Google public DNS, plus it gets the DNS setting from your NAT which you've also configured for Google public DNS. (I'm assuming 167.142.225.4 is a work DNS server you're also configured to use?)

Tehrasha

join:2004-12-15
Vinton, IA

Re: Can someone using Mediacom please run Netalyzr?

That 167 server is an artifact from a recent ISP switch. Must be set in one of the tertiary settings...

Tehrasha

join:2004-12-15
Vinton, IA
Reran the tool after restting my system to MC supplied servers.

DNS Servers
97.64.183.164
97.64.209.37

»n3.netalyzr.icsi.berkeley.edu/su···1f7-a987
nweaver

join:2010-01-13
Napa, CA

Re: Can someone using Mediacom please run Netalyzr?

Thanks. It looks like they aren't wildcarding you at least, which is good.
firedrakes

join:2009-01-29
Arcadia, FL
i have had it happen also

buzz_4_20

join:2003-09-20
Limestone, ME

OpenDNS FTW

Just Sayin'

FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

Re: OpenDNS FTW

said by buzz_4_20:

OpenDNS FTW Just Sayin'

OpenDNS is very good at dns & filtering. But if you do video streaming thru a CDN they may end up giving you non-optimal routing than you would get from your ISPs dns servers. CDNs often use dns server location to make routing decisions.
--
Record your speedtest.net results in DSLReports SpeedWave
»www.speedtest.net/wave/afe201cb84d45c88

buzz_4_20

join:2003-09-20
Limestone, ME

Re: OpenDNS FTW

That is a very valid point. Is there a solution other than changing back to the ISPs DNS servers?

FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

Re: OpenDNS FTW

said by buzz_4_20:

That is a very valid point. Is there a solution other than changing back to the ISPs DNS servers?

Not that I am aware of for that 1 issue of CDN routing.

I guess if you only stream video occasionally or from a specific device in your household like an iPad, you could point at the ISP dns servers only when initiating a video stream(that is switch DNS servers as needed) or only if video streaming from 1 of your devices(that is point only that device at the ISP dns servers).
--
Record your speedtest.net results in DSLReports SpeedWave
»www.speedtest.net/wave/afe201cb84d45c88

Tehrasha

join:2004-12-15
Vinton, IA
This has also been effecting people using 3rd party DNS... just sayin.
thedragonmas

join:2007-12-28
Albany, GA
kudos:1
said by buzz_4_20:

Just Sayin'

opendns will NOT work for this.

DNS redirection provides ISPs with additional revenue by redirecting users to an ISP-run portal with ads instead of the normal 404 page. This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.



this isnt JUST dns hijacking. they are allso hijacking 404 pages. i.e. AFTER a valid dns responce has been recieved and the target server reached. they have all so been caught putting ad's in frames over a valid website.

so no amount of 3rd party dns including but not limited to opendns, googledns, treewalk, or bind. will fix this.

dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ
kudos:4
said by buzz_4_20:

Just Sayin'

So redirects under another name is better?
opendns has them too.
4.2.2.1, 4.2.2.2 for "clean DNS"
--
The early bird gets the worm but the second mouse gets the cheese

Anony2929229

@comcast.net

hmmmm

They should have read »tools.ietf.org/html/draft-living···tion-8.4

Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6

Close & reopen the browser?

re "...users in our forums have taken to recording videos of the opt out system not working -- repeatedly --"
I didn't see the browser being closed during the video.
That could have made a difference (in that particular instance)

exocet_cm
Free at last, free at last
Premium
join:2003-03-23
New Orleans, LA
kudos:3

www.opendns.com

208.67.222.222

208.67.220.220

Edit
And these (part of their FamilyShield DNS)

208.67.222.123

208.67.220.123
thedragonmas

join:2007-12-28
Albany, GA
kudos:1

Re: www.opendns.com

opendns will NOT work for this.

DNS redirection provides ISPs with additional revenue by redirecting users to an ISP-run portal with ads instead of the normal 404 page. This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.



this isnt JUST dns hijacking. they are allso hijacking 404 pages. i.e. AFTER a valid dns responce has been recieved and the target server reached. they have all so been caught putting ad's in frames over a valid website.

so no amount of 3rd party dns including but not limited to opendns, googledns, treewalk, or bind. will fix this.

exocet_cm
Free at last, free at last
Premium
join:2003-03-23
New Orleans, LA
kudos:3

Re: www.opendns.com

said by thedragonmas:

opendns will NOT work for this.

DNS redirection provides ISPs with additional revenue by redirecting users to an ISP-run portal with ads instead of the normal 404 page. This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.



this isnt JUST dns hijacking. they are allso hijacking 404 pages. i.e. AFTER a valid dns responce has been recieved and the target server reached. they have all so been caught putting ad's in frames over a valid website.

so no amount of 3rd party dns including but not limited to opendns, googledns, treewalk, or bind. will fix this.

Lame
--
"I have measured out my life with coffee spoons..." - T.S Eliot
"I have often regretted my speech, never my silence." - Publilius Syrus
Ma blog: »www.johndball.com
chgo_man99

join:2010-01-01
San Jose, CA

lame

And the town I am moving to in order to have job, only provides mediacom and qwest. Mediacom has at best 20mb and qwest only 7 mb. They push 2 year contract on new cable customers!

So should I go with if I have a choice to do this in my new place:

1) mediacom cable and internet (bundled package)
2) directv and mediacom internet (unbundled, higher price)
3) directv and qwest dsl (bundled).

?
Walter Dnes

join:2008-01-27
Thornhill, ON

Possible workaround for DNS intercept

This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.
I think I may have an answer to this, at least under linux. I'm not familiar enough with Windows to know if this will work, but I know that Windows does have a ROUTE command, so it may translate to Windows. My procedure would require a broadband connection AND A DIALUP CONNECTION SIMULTANEOUSLY. Here is my /etc/conf.d/net file (Gentoo linux)
config_eth0=(
"192.168.123.249 broadcast 192.168.123.255 netmask 255.255.255.248 mtu 1454"
"169.254.1.3 broadcast 169.254.255.255 netmask 255.255.0.0")
routes_eth0=(
"default via 192.168.123.254 metric 2"
"192.168.123.248/29 via 192.168.123.254 metric 0"
"169.254.0.0/16 via 169.254.1.3 metric 0"
)

The reasons for the complexity are as follows...
•The 169.254.x.y is for my network-enabled OTA TV tuner, which INSISTS on coming up with a "zero-config" address.
•I have a dialup account as a backup. The linux "pon" dialup software creates ppp0 and adds a route (metric 1???) statement, which gets over-ridden by the existing route
•In the past, I had to basically tear down eth0 before starting dialup, and then restart it after disconnecting dialup. This meant that I couldn't stay connected with my backup machine during the dialup session.
•My current setup uses "metric 0" (highest priority) for my little LAN and the TV tuner
•The default route (everything else, including the internet) goes via a "metric 2" route
•when I fire up dialup, it does a "metric 1" route, which forces internet access via ppp0, but leaves LAN access alone

Building from this, when a dialup connection is established, run a short script that
•clears the current default route
•sets up a default with metric 2 via eth0 (broadband)
•creates a couple of /32 routes with metric 0, pointing at the outside DNS servers via ppp0 (the dialup connection)
•plan B for linux is to have iptables/netfilter force outbound packets with destination port 53 to use ppp0. I don't know if there is a Windows equivalent.

Because the DNS queries go via the dialup connection, the packets completely bypass Mediacom (unless your dialup connection is via Mediacom as well). Because Mediacom never sees the packets, it can't touch your DNS queries. Dialup is slower, but for small packets like DNS traffic, it's perfectly sufficient. Any comments?
scooper

join:2000-07-11
Youngsville, NC
kudos:2

Re: Possible workaround for DNS intercept

Wouldn't it just be easier to run your own DNS server that talks to the root servers ?
Walter Dnes

join:2008-01-27
Thornhill, ON

Re: Possible workaround for DNS intercept

said by scooper:

Wouldn't it just be easier to run your own DNS server that talks to the root servers ?

Have you read the "BIND 9 Administrator Reference Manual"? It's a 174 page PDF!!! »www.bind9.net/arm97.pdf Monkeying around with routes or iptables is a lot easier.
twhiting9275

join:2002-08-30
Waterloo, IA
Reviews:
·Mediacom

OpenDNS FTW

Been using OpenDNS for years now, and despite claiims of this not stopping the MC links, this does in fact do so. In fact, I just tested both 404 redirects, and domain redirects, and neither went to mediacom, both going right where they were supposed to.