Mediacom DNS Ad Opt Out System Still Doesn't Work
Opt Out, Opt Out, Then Opt Out Again for Good Measure

Over the last couple of months Mediacom has been aggressively deploying new advertising systems. Unfortunately for users, they're not doing a very good job of it. First the company deployed new DNS redirection ads with a broken opt-out system that couldn't be avoided even if you used an alternative DNS provider. Then we broke the story of how the company had started experimenting with JavaScript injection of their own ads into other websites, something the company refused to comment on. Mediacom has stopped the latter after our story made national headlines, but users in our Mediacom forum say that the company's DNS redirection ad opt-out system still doesn't work.

DNS redirection provides ISPs with additional revenue by redirecting users to an ISP-run portal with ads instead of the normal 404 page. This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.

Users who previously opted out of the "service" say it is magically and repeatedly re-enabled. Some users say they've tried to opt out of the service more than a dozen times. For the last month or two Mediacom support reps have been telling users to opt in, then opt out again to make the settings "stick." None of this has worked, and users in our forums have taken to recording videos of the opt out system not working -- repeatedly -- in some hope that Mediacom resolves the issue. Mediacom continues to inform users they're looking into the problems.

Combined with the company's experimentation with JavaScript site content hijacking, it has become fairly clear that Mediacom was so smitten with potential ad revenue that it didn't fully test these systems before foisting them on its customers.
nweaver
join:2010-01-13
Napa, CA

nweaver

Member

Can someone using Mediacom please run Netalyzr?

Can someone using Mediacom please run Netalyzr »netalyzr.net and post the result link?

Tehrasha
join:2004-12-15
Vinton, IA

1 edit

Tehrasha

Member

Re: Can someone using Mediacom please run Netalyzr?

»n1.netalyzr.icsi.berkele ··· cda-a5f6

I should mention, that I am not using MC DNS, and have not seen any MC redirecting.
nweaver
join:2010-01-13
Napa, CA

nweaver

Member

Re: Can someone using Mediacom please run Netalyzr?

Thanks. It's clear that they aren't intercepting DNS traffic in your case, at least from Google public DNS or a semantic enforcing mandatory proxy.

You have your computer configured to use Google public DNS, plus it gets the DNS setting from your NAT which you've also configured for Google public DNS. (I'm assuming 167.142.225.4 is a work DNS server you're also configured to use?)

Tehrasha
join:2004-12-15
Vinton, IA

Tehrasha

Member

Re: Can someone using Mediacom please run Netalyzr?

That 167 server is an artifact from a recent ISP switch. Must be set in one of the tertiary settings...
Tehrasha

Tehrasha to nweaver

Member

to nweaver
Reran the tool after resetting my system to MC supplied servers.

DNS Servers
97.64.183.164
97.64.209.37

»n3.netalyzr.icsi.berkele ··· 1f7-a987
nweaver
join:2010-01-13
Napa, CA

nweaver

Member

Re: Can someone using Mediacom please run Netalyzr?

Thanks. It looks like they aren't wildcarding you at least, which is good.
firedrakes
join:2009-01-29
Arcadia, FL

firedrakes to nweaver

Member

to nweaver
I have had it happen also.

buzz_4_20
join:2003-09-20
Dover, NH

buzz_4_20

Member

OpenDNS FTW

Just Sayin'

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5

Premium Member

Re: OpenDNS FTW

said by buzz_4_20:

OpenDNS FTW Just Sayin'

OpenDNS is very good at DNS & filtering. But if you do video streaming through a CDN they may end up giving you less optimal routing than you would get from your ISP's DNS servers. CDNs often use DNS server location to make routing decisions.

buzz_4_20
join:2003-09-20
Dover, NH

buzz_4_20

Member

Re: OpenDNS FTW

That is a very valid point. Is there a solution other than changing back to the ISP's DNS servers?

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5

Premium Member

Re: OpenDNS FTW

said by buzz_4_20:

That is a very valid point. Is there a solution other than changing back to the ISP's DNS servers?

Not that I am aware of for that 1 issue of CDN routing.

I guess if you only stream video occasionally or from a specific device in your household like an iPad, you could point at the ISP DNS servers only when initiating a video stream (that is, switch DNS servers as needed) or only if video streaming from 1 of your devices (that is, point only that device at the ISP DNS servers).

Tehrasha
join:2004-12-15
Vinton, IA

Tehrasha to buzz_4_20

Member

to buzz_4_20
This has also been affecting people using 3rd party DNS... just sayin.

thedragonmas
Premium Member
join:2007-12-28
Albany, GA
Netgear R6300 v2
ARRIS SB6180

thedragonmas to buzz_4_20

Premium Member

to buzz_4_20
said by buzz_4_20:

Just Sayin'

OpenDNS will NOT work for this.
DNS redirection provides ISPs with additional revenue by redirecting users to an ISP-run portal with ads instead of the normal 404 page. This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.



This isn't JUST DNS hijacking. They are also hijacking 404 pages, i.e. AFTER a valid DNS response has been received and the target server reached. They have also been caught putting ads in frames over a valid website.

So no amount of 3rd party DNS, including but not limited to OpenDNS, Google DNS, TreeWalk, or BIND, will fix this.

dvd536
as Mr. Pink as they come
Premium Member
join:2001-04-27
Phoenix, AZ

dvd536 to buzz_4_20

Premium Member

to buzz_4_20
said by buzz_4_20:

Just Sayin'

So redirects under another name is better?
OpenDNS has them too.
4.2.2.1, 4.2.2.2 for "clean DNS"

Anony2929229
@comcast.net

Anony2929229

Anon

hmmmm

They should have read »tools.ietf.org/html/draf ··· tion-8.4

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy

Premium Member

Close & reopen the browser?

re "...users in our forums have taken to recording videos of the opt out system not working -- repeatedly --"
I didn't see the browser being closed during the video.
That could have made a difference (in that particular instance)

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

www.opendns.com

208.67.222.222

208.67.220.220

Edit
And these (part of their FamilyShield DNS)

208.67.222.123

208.67.220.123

thedragonmas
Premium Member
join:2007-12-28
Albany, GA
Netgear R6300 v2
ARRIS SB6180

thedragonmas

Premium Member

Re: www.opendns.com

OpenDNS will NOT work for this.
DNS redirection provides ISPs with additional revenue by redirecting users to an ISP-run portal with ads instead of the normal 404 page. This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.



This isn't JUST DNS hijacking. They are also hijacking 404 pages, i.e. AFTER a valid DNS response has been received and the target server reached. They have also been caught putting ads in frames over a valid website.

So no amount of 3rd party DNS, including but not limited to OpenDNS, Google DNS, TreeWalk, or BIND, will fix this.

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

Re: www.opendns.com

said by thedragonmas:

OpenDNS will NOT work for this.

DNS redirection provides ISPs with additional revenue by redirecting users to an ISP-run portal with ads instead of the normal 404 page. This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.



This isn't JUST DNS hijacking. They are also hijacking 404 pages, i.e. AFTER a valid DNS response has been received and the target server reached. They have also been caught putting ads in frames over a valid website.

So no amount of 3rd party DNS, including but not limited to OpenDNS, Google DNS, TreeWalk, or BIND, will fix this.

Lame
chgo_man99
join:2010-01-01
Sunnyvale, CA

chgo_man99

Member

lame

And the town I am moving to in order to have a job only provides Mediacom and Qwest. Mediacom has at best 20mb and Qwest only 7 mb. They push a 2 year contract on new cable customers!

So which should I go with, if I have a choice in my new place:

1) mediacom cable and internet (bundled package)
2) directv and mediacom internet (unbundled, higher price)
3) directv and qwest dsl (bundled).

?
Walter Dnes
join:2008-01-27
Thornhill, ON

Walter Dnes

Member

Possible workaround for DNS intercept

This can break some networking tools, so many of our users will often avoid DNS redirection with the use of alternative DNS services. In Mediacom's case however, the company appears to be using an implementation of deep packet inspection technology that makes this impossible, leaving the company's opt out as the only option. Except it doesn't work.
I think I may have an answer to this, at least under Linux. I'm not familiar enough with Windows to know if this will work, but I know that Windows does have a ROUTE command, so it may translate to Windows. My procedure would require a broadband connection AND A DIALUP CONNECTION SIMULTANEOUSLY. Here is my /etc/conf.d/net file (Gentoo Linux):
config_eth0=(
"192.168.123.249 broadcast 192.168.123.255 netmask 255.255.255.248 mtu 1454"
"169.254.1.3 broadcast 169.254.255.255 netmask 255.255.0.0")
routes_eth0=(
"default via 192.168.123.254 metric 2"
"192.168.123.248/29 via 192.168.123.254 metric 0"
"169.254.0.0/16 via 169.254.1.3 metric 0"
)

The reasons for the complexity are as follows...
• The 169.254.x.y is for my network-enabled OTA TV tuner, which INSISTS on coming up with a "zero-config" address.
• I have a dialup account as a backup. The Linux "pon" dialup software creates ppp0 and adds a route (metric 1???) statement, which gets over-ridden by the existing route.
• In the past, I had to basically tear down eth0 before starting dialup, and then restart it after disconnecting dialup. This meant that I couldn't stay connected with my backup machine during the dialup session.
• My current setup uses "metric 0" (highest priority) for my little LAN and the TV tuner.
• The default route (everything else, including the internet) goes via a "metric 2" route.
• When I fire up dialup, it does a "metric 1" route, which forces internet access via ppp0, but leaves LAN access alone.

Building from this, when a dialup connection is established, run a short script that
• clears the current default route
• sets up a default with metric 2 via eth0 (broadband)
• creates a couple of /32 routes with metric 0, pointing at the outside DNS servers via ppp0 (the dialup connection)
• plan B for Linux is to have iptables/netfilter force outbound packets with destination port 53 to use ppp0. I don't know if there is a Windows equivalent.

Because the DNS queries go via the dialup connection, the packets completely bypass Mediacom (unless your dialup connection is via Mediacom as well). Because Mediacom never sees the packets, it can't touch your DNS queries. Dialup is slower, but for small packets like DNS traffic, it's perfectly sufficient. Any comments?
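
The script outlined in the post above, as an added example that is not part of the original post: it prints the route changes (plan A) or the iptables and policy-routing variant (plan B) rather than running them. The interface names and gateway come from the post's config; the resolver addresses, the mark/table number 53 and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the post. Prints the commands; review, then pipe to "sh" as root.
LAN_IF=eth0; LAN_GW=192.168.123.254   # broadband side, taken from the post's routes_eth0
PPP_IF=ppp0                           # dialup interface created by pon
DNS_SERVERS="208.67.222.222 208.67.220.220"   # assumed resolvers (OpenDNS pair from this thread)

# Accept only dotted-quad IPv4 so a typo never ends up inside a route command.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Plan A: default route stays on broadband; each resolver gets a host route via dialup.
# The /32 wins by longest-prefix match, whatever metric the default route carries.
plan_routes() {
    for s in $DNS_SERVERS; do
        is_ipv4 "$s" || { echo "bad resolver address: $s" >&2; return 1; }
    done
    echo "ip route flush exact 0.0.0.0/0"
    echo "ip route add default via $LAN_GW dev $LAN_IF metric 2"
    for s in $DNS_SERVERS; do
        echo "ip route add $s/32 dev $PPP_IF metric 0"
    done
}

# Plan B: mark locally generated port-53 packets and policy-route them out the dialup link.
plan_fwmark() {
    for proto in udp tcp; do
        echo "iptables -t mangle -A OUTPUT -p $proto --dport 53 -j MARK --set-mark 53"
    done
    echo "ip rule add fwmark 53 table 53"
    echo "ip route add default dev $PPP_IF table 53"
    # The source address was chosen before the mark rerouted the packet: rewrite it on ppp0.
    echo "iptables -t nat -A POSTROUTING -o $PPP_IF -j MASQUERADE"
    # Replies arrive on ppp0 while the unmarked reverse lookup points at eth0: use loose mode.
    echo "sysctl -w net.ipv4.conf.$PPP_IF.rp_filter=2"
}

case "${1:-routes}" in
    fwmark) plan_fwmark ;;
    *)      plan_routes ;;
esac
```

Run it with no argument for plan A or with `fwmark` for plan B.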
scooper
join:2000-07-11
Kansas City, KS

scooper

Member

Re: Possible workaround for DNS intercept

Wouldn't it just be easier to run your own DNS server that talks to the root servers ?
Walter Dnes
join:2008-01-27
Thornhill, ON

Walter Dnes

Member

Re: Possible workaround for DNS intercept

said by scooper:

Wouldn't it just be easier to run your own DNS server that talks to the root servers ?

Have you read the "BIND 9 Administrator Reference Manual"? It's a 174 page PDF!!! »www.bind9.net/arm97.pdf Monkeying around with routes or iptables is a lot easier.
twhiting9275
join:2002-08-30
Waterloo, IA

twhiting9275

Member

OpenDNS FTW

Been using OpenDNS for years now, and despite claims of this not stopping the MC links, this does in fact do so. In fact, I just tested both 404 redirects, and domain redirects, and neither went to Mediacom, both going right where they were supposed to.