Canadian ISP Hijacking DNS Lookup Errors

Freshly Exhumed tips us to news that Canadian ISP Rogers Cable appears to be redirecting invalid DNS requests to their own search and advertising page. Roadrunner got caught doing the same thing earlier this year. According to the article, "The hijacking appears to be an attempt by Rogers to use its Deep Packet Inspection (DPI) technology to cash in on the mistakes of its users." Freshly Exhumed also reminds us, "As IOActive security researcher Dan Kaminsky has warned in the past, this presents a very serious security problem."

Good Grief

[MightyMartian]

I know one problem it can cause is for a number of spam tests which look for the message coming from a legitimate domain. When the DNS server says "yup, that resolves" even when there's actually no domain, the test is defeated.

Re:Good Grief

[PunkOfLinux]

What the hell? Verizon is doing this now, too. Whenever I type in 'slashdot' in firefox, it just takes me to their useless search page, which is getting REALLY old now. I'm getting pretty disgusted now, and they should get it through their thick heads that if they're gonna charge us money for 'net access, they have NO right to make more money off of us by selling ads instead of allowing our browsers to function as expected.

Re:Good Grief

Verizon has been doing this for a while. I read the Terms of Service, Acceptable Use Policy, etc. every time they update it. It's clearly there, disguised as a 'feature' called DNS Assistance.

However, Verizon does have non-poisoned DNS servers which you can find in their Help pages, along with instructions for changing your machine's settings. http://netservices.verizon.net/portal/link/help/item&objId=23883

Re:Good Grief

[dosius]

They tried to get me to use their poisoned servers, and as soon as I found out (btw, they DO report nxdomain, along with their error handling servers), I went back to the old ones.

The poisoned ones were 68.237.161.12 (nsnyny01.verizon.net) and 71.250.0.12 (nsnwrk01.verizon.net), and the unpoisoned ones are 151.202.0.85 and 151.203.0.85.

-uso.

Re:Good Grief

[Lord+Haw+Haw+Haw]

Our thuggish ISP here in India by the name of Airtel does the same. Who's to catch them out? Nowhere to complain to. What's more, they do it only for Home customers and not corporate customers. They think they are mighty clever at that.

Re:Good Grief

[Clete2]

RoadRunner is still doing this in South Carolina! UGH.

Re:Good Grief

[Constantine+XVI]

Change your DNS servers. 4.2.2.1 through 4.2.2.6 are known clean DNS servers. Most routers will let you change your DNS servers for your entire network.

Re:Good Grief

[c_g_hills]

Verizon's non-poisoned dns servers are vulnerable to the newly discovered dns vulnerability. Shout at them!

151.202.0.85 is POOR: 26 queries in 2.1 seconds from 22 ports with std dev 19.03

151.203.0.85 is POOR: 26 queries in 2.4 seconds from 22 ports with std dev 15.08

Check for your self using `dig porttest.dns-oarc.net. in txt`

Re:Good Grief

[dosius]

They work for me... you know any better ones?

-uso.

Re:Good Grief

[aztektum]

I switched over to using OpenDNS with my Linksys router and I get redirected to their fancy advert pages when I mistype something as well.

Re:Good Grief

[notnAP]

Verizon here in Dracut, Mass. (via DSL) is not doing it, at least for now. I have seen it happen sporadically in the past two years.

My favorite test, making sure I'm avoiding something I hit recently and therefore is cached somewhere, is to type in 3-4 random alpha characters (sans a tld). Every 3-4 alpha character domain name resolves to something in the .com TLD.

Re:Good Grief

[c_g_hills]

According to Paul Vixie, Level3 operators have said that they plan to restrict access to these servers in future to customers only, so make sure you have an alternative available!

Re:Good Grief

[tomblag]

Strangely enough, my failed dns searches don't seem to resolve to verizon's search page now. And I haven't tried a clean dns server.

Re:Good Grief

[davolfman]

To be honest I still think this thing is a bomb waiting to go off when it comes to anything outside the TLD's. In my mind if someone does this for say badmachine.slashdot.org they are pretty much guilty of criminal trespass, trademark violation, and/or fraud. Within the TLD space say www.badurltest.org where the typo isn't already someone else's claimed property they can pretty much do whatever they want, or whatever we let them.

Re:Good Grief

[woot+account]

That's the entire purpose of OpenDNS. Open is just a misdirection word they stuck in there to make themselves sound better than they are.

Re:Good Grief

4.2.2.1
4.2.2.2

Re:Good Grief

[Talchas]

Also, if you run a proxy like squid, that will deal with it too.

Re:Good Grief

[John+Hasler]

> In my mind if someone does this for say badmachine.slashdot.org they are pretty much
> guilty of criminal trespass, trademark violation, and/or fraud.

Fortunately, your mind is not a court of law.

> Within the TLD space say www.badurltest.org where the typo isn't already someone else's
> claimed property

No string of characters is or can be property.

Re:Good Grief

[bconway]

Worse.

$ dig +short porttest.dns-oarc.net TXT @4.2.2.1
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"209.244.7.40 is POOR: 26 queries in 2.0 seconds from 1 ports with std dev 0.00"

$ dig +short porttest.dns-oarc.net TXT @4.2.2.2
z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"209.244.7.34 is POOR: 26 queries in 1.9 seconds from 1 ports with std dev 0.00"

Re:Good Grief

No string of characters is or can be property.

Really? Quick, tell the US Patent and Trademark office!

Re:Good Grief

[NevermindPhreak]

Not just Verizon. The article said that Road Runner had been caught doing this, but as a user of this service, I can say from experience that they still do. Though, the weird thing is that it only happens about 10% of the time, whereas it happened 100% of the time at one point.

As someone pointed out earlier, you can change your DNS servers to 4.1.1.1 - 4.1.1.6, as those servers belong to Level 3 Communications, a backbone provider. No guarantee they won't do it in the future, though.

Re:Good Grief

[Stunning+Tard]

Somebody else here mentioned you can turn off the search redirect if you get an account. worked for me.

Re:Good Grief

[SD_92104]

COX has started doing this as well a few weeks ago - the sad thing is that technical support doesn't have a clue about this - when I complained to them they told me how to setup IE in Windows in their boiler-plate message...

Re:Good Grief

[no1home]

Maybe I don't understand the complaint. I use OpenDNS and I don't see any advertising. (If you do see heavy advertising, I'd love to see a screen shot.) It's true you don't get the "404" error and you instead get a search page provided by them, but that's no different than telling your browser to search Google/Yahoo/MSM when an address can't be found. Only a few of us prefer the old 404 error and most want suggestions on where to link to. The advantage to OpenDNS is in having an account (I use the free one) and applying filtering to suite your needs.

I live in Charter territory and they too have setup their own DNS-fail page. You can opt out by going to some website of theirs and telling it to bugger off, but it requires cookies. If you wipe your cookies, you have to reset this. Their search results aren't very good and, since setting up OpenDNS on my router*, I've had better results. I've found that some types of common mistakes are auto-corrected (only if it can't find what you typed or clicked on), so the results have been very good. The users in my home only see my logo picture that I've uploaded and some relevant search results when they try to go to an invalid web address. Are some of these search results paying to be visible? Sure, just like Google, et. al. So what. I feel better with them because I control what happens with the 404 errors, not Charter. And, because there's a kid in the house, I can control the filtering. Just a side benefit.

As for they're being 'Open', I agree that the name is misleading due to the now common use of the word in computer culture. Where do they give us access to the code and how would we use it or implement it if we had it? However, they are open in that anybody can use the service for free.

Now, for the issue at hand, the ISP 'hijacking' DNS lookup errors, what is the real problem with this? A failed DNS lookup fires back the old 404. Used to be, that's exactly what we'd see. But browsers evolved and are now setup to use a search service (MS, Google, etc.). This is where the problem is with the ISPs performing this stunt. They are over-riding your personal settings. I don't think it has anything to do with DPI (as I read in someone else's comment) or even any invasion of privacy. I don't see any such conspiracy. The only Bad Thing® I see is that they ignore our personalized settings and force their setting upon us. So let's not jump up and down calling this something it isn't. We don't even need to since the real problem is bad enough a it is.

*You might not have access to do this to the router provided by your ISP, but you can hook up a router you do control to that one. Set it up to use DHCP, as you'd expect. It will, of course, get the standard IP/Gateway/Subnet/DNS info. But, since it's your router to control, you can now tell it what to assign to the computers attaching to it, including what DNS servers to use. In my case, I choose to use OpenDNS. You might choose something else that you have permission to use. I've had no failures in this at all and it seems Charter (Verizon, AT&T, whoever-ISP) can't 'fix' that.

Re:Good Grief

[Trailwalker]

AdBlock gets rid of the Verizon "search" page.

Clickity, clickity, never see again.

Re:Good Grief

[Curtman]

Maybe I don't understand the complaint. <snip> Only a few of us prefer the old 404 error and most want suggestions on where to link to.

I think the most annoying aspect is how we get used to leaving off the 'www' at the beginning of domains with Firefox, and Firefox adds it in for you if the non-www address fails to resolve. With this DNS hijacking this feature is broken.

Re:Good Grief

[no1home]

I think the most annoying aspect is how we get used to leaving off the 'www' at the beginning of domains with Firefox, and Firefox adds it in for you if the non-www address fails to resolve.

If I hadn't commented, I'd mod you up as informative. I didn't know this. In both browsers, I use {CTRL}{Enter} and they auto-add the 'www' prefix and 'com' suffix. I'd never not used that or manually typed 'www'.

When I get home, I'll have to see if OpenDNS handles this correctly (I think it should, but that's a guess).

On a side note, I used the usual brackets for CTRL and Enter to indicate the keys, but they were parsed out by the comment system, seemingly because they looked like HTML commands. :) Ergo, I used different brackets. I'm amused.

Re:Good Grief

[rs79]

Yeah, Paul's big on DNS "Alternatives". Not.

Hughes does this too now with their sat service. Never mind I use my own dns servers, their "transparent" web proxy does it's own dns and ignores the ones you use. Just for web.

That is, I can FTP to say, "free.tibet" but if I try for that web page I get a hughes/yahoo thing that says "did you mean..." (no, I did't you asswipe) Grrrrrrrrrr.

Vixie of course, invented the "transparent web proxy" to "get around" the "problem" of people using non-iana roots to get at web pages in alternative dns spaces about a decade ago. He was right smug about it at the time.

In 1994 Ted Rogers spoke at a conference in Toronto. He said what sounded to me like really stupid things about the net.

When he was done, he just left and didnt hang around.

The next speaker was Nick Negroponte whose first line was "It's a pity Mr. Rogers left because I'd like to have a chance to tell him everything he said was wrong."

It hasn't got any better. Rogers will screw you every step of ther way with every service they have from my perspective. Bail, kids, bail.

Re:Good Grief

I must be oblivious here, but what where is the humor in this post?

4.0.0.0/8 is a Level3 Netblock.
4.2.2.1-4.2.2.3 Have Verizon Hostnames (gtei.net), and 4.2.2.4-4.2.2.6 have Genuity, Inc. hostnames, but that does not mean they really belong to Verizon, and Genuity, but merely that yhey are opperating them. From the IP addresses, I suspect they may be running those servers for Level3.

It is certainly possible to have an edge router filter packets to/from 4.2.2.1-4.2.2.6.

Re:Good Grief

[Curtman]

On a side note, I used the usual brackets for CTRL and Enter to indicate the keys

You can use '&lt;' to display the first one.. It'll leave the closing one (>) alone after that.

Re:Good Grief

[adriaticc]

But if you're using Opera, you can just type /. into the location bar. Built in slashdot resolution!

Re:Good Grief

[Dan541]

So if my server is offline my visitors get redirected to another site, what happens when my server comes back online? I guess I have to wait for the user to flush their DNS.

I don't want my users being taken to another site if the server in oneday offline.

Re:Good Grief

[rs79]

" we get used to leaving off the 'www' at the beginning of domains with Firefox "

Netscape 1.0 did this 15 years ago. Every credible browser since then has too. www.name.com became a fashion statement more than an address of where port 80 (http, or "web") service was on a specific network as was the original intent of that nomenclature.

Re:Good Grief

[Rayban]

If you want to teach them a lesson, put this in a hidden iframe on all of your sites:

http://www20.search.rogers.com/options?choice=none

Re:Good Grief

try telling that to the guys who had the hd-dvd aacs problems ;)

Re:Good Grief

However, Verizon does have non-poisoned DNS servers which you can find in their Help pages, along with instructions for changing your machine's settings. http://netservices.verizon.net/portal/link/help/item&objId=23883 [verizon.net]

Nice, but, as a non-verison user, I went to that page and saw nothing obvious to help with this issue.

However, I did click on the "System Status" link (at the bottom of the left column) and got back:

Current Status:
This tool is temporarily unavailable. Please try again later.

What a bunch of fuckbars. Maybe they mean "later" after I sign up with the shits.

My super great local ISP doesn't pull any of this horseshit. If you can reach them at all, the current MOTD, with all warts, projected (always short) maintenance windows, info on any ongoing DDoSes, full followup on any already-reported issues, etc. are right there on the home page for all (even non-customers, to see -- none of this asshole stuff about hiding it way down in a fucking subdomain.

Can anyone think of a better way to determine, before signing up, to know whether your ISP is going to be forthcoming about problems or try to hide under their dunghill.

Nice captcha, too -- immunity

Re:Good Grief

Only a few of us prefer the old 404 error and most want suggestions on where to link to.

Yes, we may be few, but fuck the rest if they can't dope out a spelling error with a 404. Try going to whitehouse.com instead of whitehouse.gov.

I ran into a similar situation some time back when, as part of my job, I accidentally called 1-800-CALL-IBM. Sorry, that's a porn-offer site. The real IBM site is an 888 number. I don't know if they've done anything about it since.

Re:Good Grief

[totally+bogus+dude]

It's annoying because it does change behaviour at a more technical level.

With non-hijacked DNS, if you enter a non-existent hostname, you DO NOT receive a "404" error. "404" is an HTTP status code which means "not found". This can only be generated by a web server and only makes sense in the context of requesting a resource from a web server, and the server decides it does not exist.

It follows from this that if the hostname does not exist, then you can't connect to a webserver at the address (because there is no address), and therefore it is completely impossible for you to receive a "404 error". Instead, your browser (or proxy) discovers the DNS lookup returned "non-existent domain", and does something other than trying to connect to the server. It may try variations on the address you provided, it may send a query for whatever you typed in to your favourite search engine, or it may display an error page/dialog. The point being, lots of people use "404" to mean any kind of error, whether it's a broken server or a missing resource or a host that doesn't exist; but that's technically wrong (the best kind of wrong).

This isn't too big a deal for web browsing, aside from overriding the user's preferences. But there are uses for DNS other than the world wide web, and there is no way for their DNS server to know whether you're looking up a website address or an SMTP server or a DNS server or an FTP server or anything else. This means that in order to provide this "feature" for mis-typed web requests, they fuck up everything else that does DNS lookups. Sometimes they try to implement workarounds to limit the damage it causes to other protocols, but they're always just workarounds and therefore "less good" than simply not screwing with the semantics of DNS in the first place. Remember when VeriSign did this and fucked up their fake SMTP server?

I don't really have a problem with OpenDNS doing this, as they're upfront about it and if people are willing to risk the problems this may cause for whatever benefit they perceive they're receiving, then that's their choice. The problem with ISPs "forcing" it on unknowledgeable users is that if they do have problems because of it, they're not likely to have any idea what's gone wrong or that the weird shit going on is because their ISP or whoever decided to try to monetize typos. After all, if your mail client says "connection refused" or "connection timed out" or "access denied, check your username and password", it's going to take you a lot longer to realise you've mistyped the server name than if it said "host does not exist".

Re:Good Grief

Tiscali in the UK have been doing this for a few months now too

Re:Good Grief

[no1home]

With non-hijacked DNS, if you enter a non-existent hostname, you DO NOT receive a "404" error. "404" is an HTTP status code which means "not found". This can only be generated by a web server and only makes sense in the context of requesting a resource from a web server, and the server decides it does not exist. [snip] The point being, lots of people use "404" to mean any kind of error, whether it's a broken server or a missing resource or a host that doesn't exist; but that's technically wrong.

You are very correct and I should have known better than to take a terminology shortcut in this forum!

The end result is that we have to find some way around the ISP wrongfully hijacking not just our browsers, but our entire connectivity and these workarounds have pretty much the same drawbacks as the hijacks themselves. At least we have control over which drawbacks to choose or not choose. It's just that the ISPs shouldn't makes put us in these positions.

Re:Good Grief

[davolfman]

Then we should all get our money back for our domains. Alright so it's impinging on an exclusive right purchased to all domains under a particular domain. Since it's not permanent it's joyriding with a domain name at best, and in most of the US I think that's equivalent to stealing. Or it could be some charge of impersonation. There are just so many ways to make a lawsuit out of this it's not funny.

Re:Good Grief

Richard:

1) "transparent" web proxy is just an application layer gateway; it is not magical, it's just a convenient way to offer services (like local caches) without having to configure the client to do so. This is often a good thing where clients are highly heterogeneous (in nature and in management). As with any ALG it can get in the way. The solution? Route around it -- either tell it to CONNECT [RFC 2817, s5.2] you to yet another proxy, or reach that other proxy on a port other than the one it's intercepting (do any really intercept more than port 80?)

2) In 1994, that Ted Rogers even knew the Internet existed was nothing short of miraculous -- while there were several commercial ISPs in Canada by then, none were able to offer DSL, DOCSIS had not yet been invented, uptake of its precursors was minuscule, the incorporation @Home was two years in the future, and digital data mobility had not been deployed anywhere in North America. End users were doing dialup SLIP or PPP via V.32bis if they were lucky, ISDN or local PBX-enabled subsets (1 or 2 B channels) if they were lucky and rich, or traditional TDM leased lines (DS0s, fractional DS1s, etc., in Canada).

Rogers's involvement at the time was mainly in reselling TDM and licensing the Sprint brand for use in Canada via Call-Net; it would be four years before they had their own cross-country digital infrastructure (when they bought phoneyrola), and they have never fully, or even largely, transitioned away from reliance upon cross-country capacity from the Stentor Alliance (of incumbent telecomms firms/x-monopolies), its successors, and its former member companies.

Depending on the timing of the meeting (was it the IETF?), Netscape Navigator 0.9 was still in beta testing, and Mosaic had not yet seen its first birthday.

There were plenty of more technical people than Ted Rogers saying stupid things about the Internet in 1994. There were plenty of people who are now experts who were either schoolkids or unaware of the Internet in 1994. This includes our illustrious CmdrTaco. Slashdot was not born until the end of 1997.

When he was done, he just left and didnt hang around

That shows great intelligence, if it was the IETF meeting at which the Fearless New Leadership proposed SIP as IPng over the noisy objections of, well, many experienced network techies who were pretty convinced that such a tiny, conservative upgrade to the inter-network layer would never see real deployment, and Fearless New Leadership were also trying to claim standardization authority over HTML. Avoiding being anywhere near those decisions -- both total failures for the IETF -- was a pretty astute move!

I am pretty sure I was there and tuned out from what Negroponte was saying even more than what Rogers was saying, since the gulf between "vision of future" and "actual implementation" in his talks in the 80s and 90s was no narrower than that between Orwell and a full implementation of Telescreens or Asimov and trumpet-playing Japanese robots. Other people often made equally realistic future predictions, and proposed useful ways to get towards the desired/predicted ends.

Too bad WiFi enabled laptops weren't as common then as they started to be this century! Or BlackBerrys or iPhones... then Rogers might have stuck around, at least physically.

Hijack? Rogers ?

[carlvlad]

aaaa'rrrr!

Re:Hijack? Rogers ?

[Mordok-DestroyerOfWo]

I guess you can say they're no longer very...jolly?

Re:Hijack? Rogers ?

[carlvlad]

Who would, after battling torrents ?

Re:Hijack? Rogers ?

[Adambomb]

God damn them all
I was told we'd block the seeds for american gold
we'd waste no puns, drink more beers
Now i'm a broken man with an unresolved peer...
the last of rogers marketeers.

Well I'll be...

[Shabbs]

This must be brand new. I did a test just now and a bad URL sends you here:

http://www20.search.rogers.com/search?

With appropriate variables substituted for what you were typing of course, like this:

Enter: http://www.rogersblowz.com and you get:

http://www20.search.rogers.com/search?qo=www.rogersblowz.com&rn=mEelOh0JrKFZejZ

Let the debate rage on!!!

Re:Well I'll be...

[Holmwood]

Worse than this even. I've been redirected to Rogers Search pages, replete with advertising, for domains that I know exist, and that I know have been entered correctly (e.g. via a bookmark).

It used to happen a lot with http://ragnartornquist.com/ (Tornquist is a senior game designer for Funcom). Granted that's a tough name to spell properly for a North American, but since I'd click on a bookmarked link, or a google page, I was sure it wasn't a problem with my typing.

What started to give it away as being something at Rogers (rather than my computer infected with malware) was that this was happening on every device I connected to the net -- Lynx on BSD, Safari on Apple, Opera on Maemo, Iceweasel on Ubuntu, and, of course, Firefox/IE/Opera on Windows.

(Yeah, I have a lot of different OS's sitting around!)

For a while I then became convinced my router had been compromised, but even switching routers didn't fix it.

Concluding it was unlikely that five different OSes and myriad different browsers had all been compromised, as well as two different routers, I contacted Rogers.

They said they were experimenting with "Software Improvements" and that the problem should go away for existing domains.

Well, using a proxy fixed it for me. But not a pleasant solution.

Software Improvements.

And the problem did go away for me at least. But I wonder if anyone else is being redirected to Rogers garbage pages for domains which exist.

Holmwood.

Re:Well I'll be...

[failedlogic]

I had Rogers up until about 1 year ago and the DNS servers were generally flaky. I guess they'll work better now that they have a way to make money off it. Ditto QUS on VoIP call since there's Rogers Home Phone. Does QOS still work against Vonage and such?

Strangely, I remember reading about 4 to 6 months ago the redirections were already starting. Rogers tends to release things into test markets and see how many complaints they get. If most people don't know or don't care they go ahead and roll it out.

Re:Well I'll be...

[KGIII]

Granted that's a tough name to spell properly for a North American, but since I'd click on a bookmarked link, or a google page, I was sure it wasn't a problem with my typing.

'Snot very nice of you to insult North Americans so openly and to make such broad sweeping strokes about the intellectual capacity of North Americans.

Ah well. I think you might be right though.

Re:Well I'll be...

[fluffman86]

same thing happened to me the other day using "Earthlink" service from Time Warner Cable. (we had roadrunner, but the promo period was over so we kept the same service but our ISP started showing up as earthlink...it's stupid) For some reason, google.com does not exist anymore :( Switched to OpenDNS, and everything is fine. I switched back a day later and everything is fine again with earthlink's DNS. I still hate their stupid ads, but I as long as they work most of the time I'd really not help kill OpenDNS's servers.

Re:Well I'll be...

"Enter: http://www.rogersblowz.com and you get:"

Well, if it's any consolation, you can threaten to switch to Aliant/Bell, where they still properly handle errors (so far). It's rather ineffective leverage, but maybe if they hear more complaints and threats to switch to an ISP who hasn't deployed such silliness, it will sink in.

If I do an nslookup on searchsucks.rogers.com it fails like it should, and if I try search.rogers.com it answers with three IPs, so at least if the queries are coming from outside the rogers.com domain they appear to still be handling it properly. Only their customers are lucky enough to get it.

Re:Well I'll be...

[RAMMS+EIN]

Some ISPs will indeed show their annoying search pages even if the domain exists. I used to access the Internet via my phone and get redirected to a page that had some colorful images on it and some text, dependent on the domain name it was for. It annoyed the life out of me, especially because it would also, for example, happen to return that page instead of an image, or instead of sending the form you just filled in to the right server. Fortunately, I had already started the process of switching to a cheaper, faster, and less obnoxious provider.

FYI: the "obnoxious provider" in question is Orange. I live in the Netherlands - I don't know if they do the same in other countries. I have heard that they do the same on their ADSL lines, though.

Re:Well I'll be...

[Capn_Snazzy]

Super frustrating, I just discovered it last night. I was planning on calling up tech support and asking how come when I goto www.Rogers-sux-shit.com and www.rogers.now.more.evil.com I get more Rogers ads I'm sure the fun of that call would be loose it's appeal when I would have to wait on hold for twenty min. The really frustrating part is that since Rogers have just started charging outrageous amounts for going over my bandwidth cap (when I signed up for this account it WAS unlimited) now I am going to be paying extra bandwidth to see their ads instead of a brief 404! As if the printed junk mail I get everyday from them isn't enough. Bell or Rogers, thats the only choice we have in Canada and they both are evil.

Re:Well I'll be...

[pjbgravely]

Even worse, Frontiernet.net does the same thing, from a bookmark the correct URL sometimes gives the search page, and even better, the URL is number 10 on the search list. I guess you have to keep those paying customers highest no matter what. Paul

Re:Well I'll be...

[Jorophose]

I just get "404 Not Found" / "404 Not Found" (title/page).

I wonder if they've suspended it? I've noticed that for a couple days now, but I returned home recently and only used my computer starting two days ago...

Oh, and for some reason the windows computer here has its IE and by consequence Opera bookmarks littered with rogers shit.

Re:Well I'll be...

Fucking ISPs are turning the internet into basic cable 2.0

Re:Well I'll be...

[Jerry+Smith]

Some ISPs will indeed show their annoying search pages even if the domain exists.
...
Fortunately, I had already started the process of switching to a cheaper, faster, and less obnoxious provider.

FYI: the "obnoxious provider" in question is Orange. I live in the Netherlands - I don't know if they do the same in other countries. I have heard that they do the same on their ADSL lines, though.

Tele2 does this as well, but differently...
When I try to check the remaining credit on my prepay phone, it immediately responds with: "This number does not exist, please go for the correct number to our directory services, the number is 0900-VERY-EXPENSIVE".
Funnily the call-credit-number I dial is on the default SIMcard-phonelist... no way that it could be wrong! Even more funnily: when I hit redial for that same 'non-existing' number it connects and tells me my credit...

easy solution

[FudRucker]

http://www.opendns.com/

basically it is remove your ISP's dns#s and add these

208.67.222.222
208.67.220.220

Re:easy solution

[v1]

so, how long before your ISP starts blocking use of DNS servers other than their own?

Re:easy solution

OpenDNS hijacks www.google.com and redirects all requests to OpenDNS web servers in addition to redirecting non-existing domains. If you switch to OpenDNS because your provider redirects non-existing domains, you're throwing the baby out with the bathwater.

Re:easy solution

if that happens then it should be time to cancel and find another ISP that do not act like nazis...

Re:easy solution

[tgx]

no, they're doing the exact same thing.
they're redirecting invalid requests to
http://guide.opendns.com/?url=%5Burl.here%5D

$ host aoeuidhtns.com
Host aoeuidhtns.com not found: 3(NXDOMAIN)

$ host aoeuidhtns.com 208.67.222.222
aoeuidhtns.com has address 208.69.34.132

Re:easy solution

Nice try but Open DNS also redirect invalid DNS request

Re:easy solution

[Shabbs]

Funny thing is that OpenDNS also re-directs bad URLs to their search page. So really, how much better is it? ;)

Re:easy solution

already happening here in italy... both the ads on false page and i can not use opendns nor OpenRootServerNetvork

Re:easy solution

Try these 4.2.2.1, 4.2.2.2, 4.2.2.3, 4.2.2.4.

Re:easy solution

[ribit]

that's not full internet access.

Re:easy solution

[deraj123]

For all those responding to your post that OpenDNS does the same thing. I am currently using OpenDNS, and it is working exactly as I would like, with no invalid responses, no ad-search type pages, etc.

If you sign up for an account (free) with OpenDNS, they give you a dashboard where you can configure how you want them to respond to certain types of requests. If you turn ALL of the options OFF, then their DNS service acts exactly as it should, with no hijacking of your requests. (for awhile, you couldn't turn off the google redirect issue, but they've even added an option for that now...)

Re:easy solution

[TavisJohn]

Every ISP does that now. I would rather give OpenDns that than my ISP, as I am already paying them why should I also give them advertising money when I make a URL mistake. I would rather give that money to someone else.

Re:easy solution

[antdude]

That's great if you have more than one ISPs. For me, cable is the only broadband ISP. If I want others, then I have to go back to dialup!

Re:easy solution

[camperdave]

Very few ISPs provide you with full internet access. Most, according to their Terms Of Service, do not allow you to run servers.

Re:easy solution

[John+Hasler]

> Every ISP does that now.

CenturyTel isn't doing it here.

Re:easy solution

[TealShark]

... which you can manually stop them from doing by disabling typo corrections in settings.

Re:easy solution

[ribit]

But in practise they do allow it. They might be trying to stop people serving high-traffic websites from home, but if my ISP stops me serving my own files to myself over port 80 (to allow me to login and grab files when on the road), I will move to another ISP, because I want full internet access. If nobody offered that, I'd start an ISP myself.

Re:easy solution

[jcam2]

Worse still, they were (and maybe still are) redirecting lookups for google.com to their own servers .. and I'm pretty sure that Google isn't often down.

Re:easy solution

It's 100 times better - It's "Open"

Re:easy solution

[Shabbs]

HA! A few of us have these in our back pocket for when the DNS servers we're using go awry in order to get back on the 'net. I don't use them regularly though. Just as a backup option. And they're easy to remember. The series goes all the way up to 4.2.2.6 btw.

Re:easy solution

[corbettw]

Too be fair, you're not paying OpenDNS to access their servers already. So when they redirect bad requests to a search page, it's not quite as bad. I'm curious if their for-pay DNS service redirects, as well.

Re:easy solution

[davidu]

1) Our DNS is more secure. This has been shown by third parties now numerous times.
2) Our DNS is faster.
3) Our DNS lets you block out responses you don't want.
4) Our DNS lets you turn off the search result pages, though most organizations like them and customize them.
5) Our DNS has a complete dashboard of stats and settings and is 100% opt-in. If you don't like it, don't use it (but nearly everyone who tries it likes it).

Comparing us to Rogers is like apples and oranges.

-David

Re:easy solution

[Stunning+Tard]

Thanks so much for the tip. All converted now.
I also took the advice of another comment here and created an account so I could turn off openDNS's search page.
And I must say I'm astounded at the changes Rogers is making lately. And I don't think they're done.

Re:easy solution

If you get an OpenDNS account, you can tell it to not redirect.

Re:easy solution

[Shabbs]

Are OpenDNS and EveryDNS related? I was talking about OpenDNS.

Re:easy solution

Their search page shows ads which would in turn pay for their FREE services, including the fact that you can actually do some useful things, like customize that page so that it looks exactly how you want it, and you can make OpenDNS block offensive domains, get request details, cache hits, etc.....

All over, OpenDNS being a free service, I have no problem with hitting their search page, I look at it as paying for the free service they provide. For that matter, any of us here are probably already using ABP, and No-Script in firefox, so its not like we really have to worry about getting bombarded by shit....

Re:easy solution

[kiehlster]

Yes, and if one is too lazy to find and disable that, they can just add guide.opendns.com to their hosts file pointing back to 127.0.0.1.

Re:easy solution

[davidu]

I am the founder of both companies. :-)

Re:easy solution

[darrenkw]

Right, however, if you sign up for an account you can turn that off for your router.

Re:easy solution

Dvorak, is that you?

Re:easy solution

OpenDNS nameservers resolve www.google.com to the CNAME google.navigation.opendns.com, which points to an OpenDNS proxy.

Re:easy solution

[diamondsw]

"Features that will not work without typo correction enabled: shortcuts, adult site blocking, custom image, custom message."

No, I just want to get rid of the damn search page misfeature. For being such otherwise "good guys" and very technical, I'm amazed that they screw things up in this fashion so very badly.

Re:easy solution

[Shabbs]

HA! Nice. Very cool. Keep up the great work.

Re:easy solution

Funny thing is that OpenDNS also re-directs bad URLs to their search page. So really, how much better is it? ;)

How did this lie get modded +5?

Re:easy solution

When I called in, I was told that one way of opting out of that stupid search page was to use alternative DNS. I guess they know better than to block other DNS servers.

Re:easy solution

[MrZaius]

Funny thing is that OpenDNS also re-directs bad URLs to their search page. So really, how much better is it? ;)

Add to that the fact that they're also redirecting Google's traffic to themselves.

Plus, to add insult to injury, they don't offer "unpoisoned" servers like some ISPs mentioned above. They use your desire to not put up with this nonsense as an excuse to force users to register their names, IP addresses, etc and, if DHCP users, run ddclient or some equivalent. OpenDNS opens up some very, very serious privacy concerns, at this point in the game.

I for one will be setting up my own DNS server tonight. Enough, already.

Re:easy solution

Note that FudRucker did not care to mention that you need an account to turn off that "feature". Whenever a DNS manipulation story appears, it doesn't take long until an OpenDNS drone recommends OpenDNS, yet somehow they always "forget" that tidbit. People who follow those recommendations are swindled as much as users of ISPs who manipulate DNS.

Re:easy solution

[josh82]

[I]t doesn't take long until an OpenDNS drone recommends OpenDNS, yet somehow they always "forget" that tidbit. People who follow those recommendations are swindled as much as users of ISPs who manipulate DNS.

Except when you're not paying money for it, it's hardly a swindle (see: swindle).

Re:easy solution

[ProfessionalCookie]

Nice uid

Re:easy solution

[slashbob22]

I will also be starting to use a third party DNS server tonight. In the mean time I have had a conversation to lodge a complaint with technical support and also sent them a support request email asking similar questions. https://your.rogers.com/contact/contactus_main.asp

Re:easy solution

The difference is it's opt-in, and they're upfront about it. I don't recall giving Roger's permission to mess with my DNS requests - who knows what else they're doing behind my back.

Ignore their servers

[surmak]

If the ISP is messing with the DNS service, the best thing to do is to use a different service.

For Linux/Unix users, you can just run a caching-only server on the desktop system, and it will issue its own name requests from the root on down. I've been doing a slightly more complex version of this at home for VPN purposes. (Forward requests to my employer's net to the private internal DNS server (through the VPN), while querying the public internet for all other servers.)

I don't know it a similar option is available for Windows users w/o shelling out big bucks, but it is technically feasible

If you cannot run a caching-only server, another option is to use a third-party DNS server. The only problem here is that it would not be automagically configured by DHCP, and would have to be manually set up.

Re:Ignore their servers

[nurbles]

That's great for people who use the service strictly for network access. But for folks who use the ISP's other services (like email, news, and possibly even web hosting) are likely to find that none of the ISP's servers are visible when not using the ISP's DNS servers from inside the ISP's network. I know this is true for RoadRunner, because I tried exactly what you said, only to find that only RR's DNS knows about their email or news servers, for example.

What bugs me most about RR's mechanism is that it seems to take some time before it starts working (after initially powering on the cable modem) because even attempts to visit places like www.imdb.com and www.google.com have taken me to RR's "perhaps you meant to type this" page, with the exact address entered offered as the first suggested "correction!"

Re:Ignore their servers

[notnAP]

How many people have their workstations directly connected to the internet modem, using a public IP ; and how many people have some sort of router between the modem and the workstation, like a home wireless router?

I'd guess the latter is far more common (and , of course, safer when done right). If so, you are likely running your own DHCP server on that router for your internal subnet, or have manually set permanent internal numbers for your workstations. In that case, you've also set your own DNS defaults at the DHCP Server or workstation setup.

Re:Ignore their servers

[__aanjtz122]

Mac users might like to know they already have a DNS cache running. lookupd caches DNS queries by default.

Re:Ignore their servers

The DNS Client service (which is used by default for DNS lookups) does the same thing on Windows.

Re:Ignore their servers

[nabsltd]

That's great for people who use the service strictly for network access. But for folks who use the ISP's other services (like email, news, and possibly even web hosting) are likely to find that none of the ISP's servers are visible when not using the ISP's DNS servers from inside the ISP's network. I know this is true for RoadRunner, because I tried exactly what you said, only to find that only RR's DNS knows about their email or news servers, for example.

The only real solution is to run a local caching-only DNS server, and set it up so that all queries except ".rr.com" domains go out normally, while sending queries for ".rr.com" to their servers.

Since there are quite a few free (either open or closed source) caching DNS servers for almost every OS, there really isn't a reason why everybody doesn't run a caching server anyway.

Re:Ignore their servers

[msormune]

Why can't you run the same (probably open source) caching-only server on Windows? Without shelling out the big bucks :)

Re:Ignore their servers

[stevied]

I'm hoping to take delivery of a WRT54GL for precisely this reason. I can stick maradns on it, which does its own recursion, keeps an in memory cache, and randomizes the source ports of its queries (avoiding the other big DNS security issue that's come up recently.) This will be nicely platform agnostic, so the Win XP box on my home network is saved from being fdisk'ed for another few months..

(Of course, because my ISP uses PPPoA and not PPPoE, I've also had to get a Speedtouch 536, which can relay via PPTP to the WRT54GL. Oh well..)

Re:Ignore their servers

If the ISP is messing with the DNS service, the best thing to do is to use a different service.

For Linux/Unix users, you can just run a caching-only server on the desktop system, and it will issue its own name requests from the root on down. I've been doing a slightly more complex version of this at home for VPN purposes. (Forward requests to my employer's net to the private internal DNS server (through the VPN), while querying the public internet for all other servers.)

I don't know it a similar option is available for Windows users w/o shelling out big bucks, but it is technically feasible

If you cannot run a caching-only server, another option is to use a third-party DNS server. The only problem here is that it would not be automagically configured by DHCP, and would have to be manually set up.

According to the article (and I have a hard time believing this is what is happening, but can't test it myself), what's being reported is actual "Deep Packet Inspection" -- hooray for new buzzwords -- digging the nxdomain out and then forging the response to point to their servers. IF that really is the scenario, then this won't work.

Re:Ignore their servers

[PFAK]

TreeWalk DNS for Windows is a good caching-only name server.

http://ntcanuck.com/

What would be the danger...

This type of behavior is wrong on so many levels so I wonder what would be the danger of having ICANN police this type of behavior? It seems that ISPs are doing more and more to circumvent "standards" for their own gain. Would it be too much to ask ICANN to come up with a set of rules that ALL ISPs must adhere to or risk losing their netblock? I'm not even sure ICANN would do anything but I'm just posing the question.

Re:What would be the danger...

[Ant+P.]

Given that ICANN are worse than these ISPs, giving them *more* power over the internet is the last thing anyone should be suggesting.

Re:What would be the danger...

[mxs]

This type of behavior is wrong on so many levels so I wonder what would be the danger of having ICANN police this type of behavior?

You want to give ICANN a police force ? Are you nuts ?

It seems that ISPs are doing more and more to circumvent "standards" for their own gain.

And on their own networks with their own customers. Don't like it ? Don't buy their service. It is that simple.

Would it be too much to ask ICANN to come up with a set of rules that ALL ISPs must adhere to or risk losing their netblock? I'm not even sure ICANN would do anything but I'm just posing the question.

Yes, it would be too much to ask. ICANN can regulate registries. This has NOTHING to do with registries. This is a DNS resolver on a private network. If it wants to return 127.0.0.1 all day, it damn well better be allowed to. Ever wondered how DNS blacklists work ? Want them blocked too ?

Re:What would be the danger...

Would it be too much to ask ICANN to come up with a set of rules that ALL ISPs must adhere to or risk losing their netblock? I'm not even sure ICANN would do anything but I'm just posing the question.

After your first three days on Slashdot, the answers to such questions become obvious.

How annoying

My ISP has been doing the same thing for a while now. It fucks with the stored history in my browser. I make a mistake and every time I'm typing in the correct URL later, my mistake is shown as an option from my history.

My ISP is the American ISP Charter. When I type in a bad url, I get a search page like this.

Re:How annoying

[jrwr00]

I'm in St. Louis, with charter internet, they do the same thing here, its annoying as hell

Re:How annoying

[Ant+P.]

Wow, I went clicking through the privacy link at the bottom and came to a one-line message on charter's site basically flipping people off for wanting to know the privacy policy.

Re:How annoying

[Jaseoldboss]

If you use FireFox, simply press the Delete key whilst the incorrect entry is in your drop down list (type something to make it appear).

If you use IE, you're hosed.

DNSSec also does authenticated NXDOMAINs

DNS is a distributed database and what these providers do is forgery of database records in the authority of the TLD registries.

Almost affected

I'm with Rogers too, and on my linux router "www.rogersviolatingnetneutrality.com" resolves to 8.15.7.107, 63.251.179.17, and 65.200.200.47, but on my LAN behind the same linux router, it does not resolve.
The LAN PCs' only DNS server is the linux router, which is running dnsmasq, and the linux router's primary DNS server is Rogers, and another 2 from the 4.2.2.x ones.

Re:Almost affected

[Ihmhi]

And your link takes me to http://www.shoprbc.com/ca/index.php. Nice try at a Slashvertisement.

Re:Almost affected

Looks like someone didn't RTFA.
"www.rogersviolatingnetneutrality.com" is mentioned in there as a website that doesn't exist, but it's been snatched up already:

http://www.whois.net/whois_new.cgi?d=rogersviolatingnetneutrality&tld=com

  Registrar of Record: TUCOWS, INC.
  Record last updated on 19-Jul-2008.
  Record expires on 19-Jul-2009.
  Record created on 19-Jul-2008.

NOT Slashvertisement.

Re:Almost affected

that was not a hyperlink, just a domain name taken directly from the article

get your facts straight before accusing

ever think that maybe, just maybe, a link like that would not normally take you to a shopping site?

or that maybe, just maybe, there are sites that auto-register domains when you do a search on them?

RCN

RCN in the Lehigh Valley (Pennsylvania) does the exact same thing. Just in the last month, they seemed to have stopped in our area... but maybe my incessant complaining did the trick. Although, who knows... maybe they just put me on a list of people who opt out, even though they told me such a list didn't exist.

Noticed this yesterday too

[greatclare]

I noticed this yesterday and asked about it a DSL Reports and got some interesting replies like this one:
"I've recently noticed this as well. I use rogers DNS as a secondary dns and 4.2.2.1 as my primary. Either way 30 seconds after seeing this I got annoyed and in firefox 3 typed in...
"about:config" in the address bar, accepted the "This will void warranty" message and proceeded to type in "browser.search.search" into the filter bar
you should see "browser.search.searchEnginesURL" come up after typing it, all i did was replaced the default value to "www.google.com" and instantly every time i type something in it will goto google instead wooo!!!"
read more at - http://www.dslreports.com/forum/remark,20813296

Been done before

EarthLink has been doing this for years. They have a workaround using "unsupported" servers that maintains real DNS behavior.

http://blogs.earthlink.net/2006/09/more_info_on_dead_domain_handl.php

nothing new

charter here in oregon does this too so I dont see what the big surprise is to everyone... its almost standard practice for ISPs... Open DNS.

Fantastic.

[fuzzyfuzzyfungus]

Let me guess... They either already have, or soon will in a pitiful pretense of response to criticism, offer some sort of insanely weak opt-out mechanism.

I'm guessing one of two things:
Manually configure alternate DNS servers on a per device basis(a la Verizon's current setup, may they be thrice cursed)
or:
Something involving cookies, a la Phorm and friends.

For things like this, opt-out just isn't good enough.

Re:Fantastic.

[MightyMartian]

The solution is rather simple. Just run your own caching server. They're pretty trivial to set up, and other than updating the root servers every once in a while (I had this being done periodically when I was running Bind), the problem is solved. Unless of course they start intercepting port 53, but at that point, I'd say you have a seriously evil ISP and it's time to switch.

Re:Fantastic.

[fuzzyfuzzyfungus]

Oh, I agree, this one isn't hard to dodge, if one has even a modicum of skill; and I doubt that it ever will be harder than that, since the ISP probably doesn't make all that much money, per user, on this and thus has fairly limited motivation to piss enough people off to spark scrutiny, or even just spend money tightening the noose.

That said, I think that this one is a good example of the unpleasant fact that control doesn't actually have to be very good in order to have its effect(great firewall is perhaps the iconic example). This only gets worse when you consider that any given individual faces dozens to hundreds of impositions of this flavor, each requiring just a little bit of some flavor of knowledge and attention(different ones in different places, though. This one needs a dash of DNS-foo, something inscrutable involving credit cards will require a dash of knowledge of credit law tomorrow, the day after that it'll be something from the phone company about subscriber private information, and so on and so forth). In each individual case, there is arguably a decision being made; but the overall effect is a pretty sad mockery of the notion of choice.

Re:Fantastic.

Here is how to disable these Rogers ads. They are using DNS redirects for all invalid subdomains.

edit c:\windows\system32\drivers\hosts

and inside the hosts file add
127.0.0.1 www20.search.rogers.com
127.0.0.1 rogers.com

that will completely disable the redirects so you begin to receive your normal Firefox/Safari error pages instead of Rogers' mocked up IE page

Rogers DNS server

If anyone is curious, one such Rogers DNS server is 64.71.255.198.

TDS Telecom, too.

TDS Telecom has started doing this recently, as well. I'm not sure if their services are available in Canada, but I figure others should be made aware of it if they weren't already. Is there a list of ISP's and how they rank as far as net neutrality and subscriber privacy/rights are concerned? Not that the masses would care, but it would be nice to know which companies to avoid.

http://searchguide.tds.net/index.php?origURL=http://invalid.xyz

Re:TDS Telecom, too.

[emeitner]

TDS Metrocom too... all a part of the monther company: Telephone & Data Systems(TDS). Fortunately my firewall is my DNS server and does not use the TDS name servers.

Manitoba Telecom Systems

Another Canadian ISP, Manitoba Telecom Systems, has started doing the same thing as of a month ago. It's really scummy, but not unsurprising since they were recently privatized.

PaxFire

[Effugas]

[This is Dan Kaminsky]

I took a look at what Rogers is doing. They're using PaxFire, who indeed was directly vulnerable to the attacks I described at Toorcon a few months ago. PaxFire fixed their stuff up, but yes, the security of the web at Rogers is limited to the security of those ad servers at PaxFire.

Re:PaxFire

the company i just left is using paxfire too. i kicked and screamed about it, but upper management only cares about the revenue that paxfire will share with the company. it's so wrong. i left 3 months ago after being there for 8 years.

The Verizon Annoyance...

[flajann]

You can "opt out" of the Verizon annoyance by modifying your DNS address by adding "2" to the last octet.

I've had to do this, and it works. No annoying Verizon snatching my failed DNS lookups!

Of course, if you try to get this out of their so-called "tech support", they will not know what you're asking for until you manage to get down to tier 2 or 3 or so. Amazing as it sounds, teir-one Verizon Fios tech support will glaze over at the mere mention of DNS, and will stupidly keep trying to get you to do inane things with your browser.

Re:The Verizon Annoyance...

[code65536]

Unfortunately, this is possible only for their PPPoE users. Customers outside of their northeast service area don't use PPPoE, and it's not possible to change the DNS servers in these non-PPPoE cases with the routers supplied by Verizon. >:(

Re:The Verizon Annoyance...

[John+Hasler]

Why so you have to use their router? Can't you put the modem in bridge mode and use your own router?

Re:The Verizon Annoyance...

[PunkOfLinux]

yes, you can. That's exactly what I have going on here. And I tried using OpenDNS and it STILL forwarded to the damn verizon page.

Re:The Verizon Annoyance...

[hal9000(jr)]

I have FiOS with the actiontec router and all you need is the password and you can tweak whatever you want. Verizon is actually pretty good about letting you manage your the router they supply. Of course, of you hork it, they tell to to reboot to factory defaults. :)

Re: the GP and not getting good tech support. When they first starting doing this, I followed the help, and it didn't work. I called tech support, the guy I talked to argued with me that 1) Verizon does mess with DNS and 2) I had a virus. Idiot.

Re:The Verizon Annoyance...

[sniepre]

What? That is ridiculous to say. If your provided router will not allow you to change the DNS servers it looks up from, then set your workstation to not look to the router for DNS! (Or, don't accept the DHCP handed off DNS ips that it gives you)

Just set your local workstations DNS to pull from, oh, 4.2.2.1 and 4.2.2.2 and just bypass their crappy DNS altogether.

Re:The Verizon Annoyance...

[Suddenly_Dead]

Why not? Why do you need to change it on the router's side? Can you not bypass the router's DNS server and just set another one?

Re:The Verizon Annoyance...

[flajann]

I have Verizon Fios, and it is NOT PPPoE. I was able to change the DNS setting without a hitch. You may have to do it in the "modem" itself. I have a NAT setup with a subnet behind the firewall with a DNS server, so I was able to alter the forwarding requests there.

Re:The Verizon Annoyance...

If you have FiOS TV + Net, their router is required because you're not talking to their network over ethernet, it's over coax. Their router is a rebadged netgear judging from the port forwarding bugs common to both. I.E. Complete wank and little you can do about it.

Buy hey, you can always ask for help in alt.networking, oh no you can't. Verizon no longer carry alt.* newgroups.

Verizon Does the Same

Verizon does the same thing. They have a howto page that tells you how to switch DNS if you do not want to see their DNS redirects page. Even if you follow their instructions and change the DNS values to the recommended ones, you still get redirected!

Only way around it is to use google to enter urls. It requires one extra step, but I do not have to see Verizon's crappy search page.

Add Insight to the list

[sokoban]

I guess the thought with the ISP's nowadays is that "everybody else is doing it, why can't we?"

Re:Add Insight to the list

[sokoban]

And my comment was moderated...

+1 Insightful

[Rimshot]

Re:Add Insight to the list

I have insight too and they are indeed doing this. I normally use an inhouse dns server and don't notice.

Seems to be some legal issues with this. If someone misspells a host on my company's doamin (wwww.mycompany.com), it returns an ip address that resolves to a web server with ads/search. They're serving ads on my domain!

Opting-out still returns an ip address for nonexistant hosts, now the webserver retruns IE's page cannot be displayed page... I'm using firefox on linux - they stole IE's dns error page. The opt-out therefore does not actaully opt-out.

Comcas

[wolfponddelta]

Where I live, Comcast started this a few days ago, as well. (a smaller company was sold to comcast last year, and so we were stuck with them). Oddly enough, however, instead of being redirected to a comcast page, we're being redirected to an earthlink ad page.

A spot of research brought up this Wired article from April on possible site hijacking through such error pages... http://blog.wired.com/27bstroke6/2008/04/isps-error-page.html

Not sure if it's related, but Comcast was recently in discussions to sell their rights up here (that they just bought), and one of the possible buyers, iirc, was Roger's (though am not in Canada, just very near).

Re:Comcas

Comcast does not currently engage in this practice.

par for the course

This is typical of Rogers and the other government anointed monopolies. By barring foreign competition, these large businesses have no incentive to listen to customer demand and market forces. They are free to act with wanton disregard for anything, save the bottom line.

Other examples of broken laws regarding foreign competition in Canadian markets:

- The Rogers iPhone data gouging fiasco
- Bell & Telus' plan to charge for incoming text messages
- Bell throttling its wholesale DSL customers, OUTSIDE of its network
- Expressvu (Bell again!) and Starchoice being able to package programming at inflated rates with no a-la-carte option
- Guelph Hydro taking deposits on which they 'give' customers an interest rate of prime MINUS two percent
- All Canadian banks CHARGING customers for the privilege of holding their money and paying .25% interest rates on saving accounts(!!)

the list goes on. no competition = bad bad bad for consumers.

Re:par for the course

[Clover_Kicker]

Yes, let's please open up the market so I can be sodomized by the Yank cable companies and telcos instead of Rogers/Bell.

Most of the posts on this thread are Americans complaining about their ISPs doing the same thing.

Re:par for the course

[Nikker]

To make this work the people have to own the network infrastructure. They have to own the cables right up to the switch where it goes from there would be the ISP's job.

Opt-out, or is it?

I'm a Rogers customer, and I noticed this earlier today, as I often use my Firefox address bar as a way to get to sites. What I used to be able to do is type a search term, and if the domain could not be resolved, it would do a Google search and open the first result â" which is the page I want, 90% of the time.

Suddenly, I got this Rogers (powered by Yahoo!) search page. Fortunately, I thought, there's a link to opt-out (by putting a cookie in the search.rogers.com domain). I did this, and I indeed no longer get the search page. Instead, when I type something that doesn't resolve, I'm sent to http://www20.search.rogers.com/not_found instead, which shows a broken IIS 404 (with a link to opt back in to their search program).

If they're going to provide this, it's not a big deal to me as long as I can opt out â" and truly opt out altogether.

Timewarner/Verizon

I have Road Runner (prior Adelphia customer) and they had an opt-out mechanism, that seemed to work.

On roadrunner's business product (at my job) they didn't seem to do the same sneaky thing (no dns foully)

I've also witnessed this on Verizon FIOS, I think they had an opt-out option as well, but I'm not sure if it works, (wasn't my connection)

Its good that they are doing an opt-out, but its sneaky and should be opt-in.

-Andrew

Rogers are Scum

[JeremyBanks]

I've switched over to TekSavvy and am very happy. Paying less, too.

Re:Rogers are Scum

[CastrTroy]

Is Bell still throttling their services? I know there's a courtcase going on right now against that, but I was wondering if they had to stop now, or if they could wait until they were actually found guilty of something.

Re:Rogers are Scum

[JeremyBanks]

I haven't heard anything new about that, I'm not sure if it's still being throttled, however the speeds I got when downloading were fine by my maybe-not-great standards (200 Kbps).

Re:Rogers are Scum

[s7uar7]

I'd switch back if I was you, they seem so be replacing proportional fonts with fixed-width.

Just change DNS Servers.

[GNUALMAFUERTE]

This is the best way:

on resolv.conf:

nameserver 4.2.2.1
nameserver 4.2.2.2

If you have a laptop or other device where you might use different connections, this is a good way to make sure your DNSs are not changed by different apps (I might connect using either wvdial or kppp, through EDGE/3G, or using KDE's wlan manager, simple DHCP on ethernet, etc)

Just set the immutable flag on your resolv.conf file:

chattr +i /etc/resolv.conf

If you want to make it writable again run:

chattr -i /etc/resolv.conf

Re:Just change DNS Servers.

[mysidia]

It is not recommended to set immutable bit, as it causes issues in various situations (like restoring /etc from a backup). Failure to write to an immutable file is an API issue unique to Linux boxes that use ext2fs or ext3fs.. Systems that run ReiserFS, XFS, or jfs, don't have this bug.

Future versions of DHCPD/Ifplug, or the C library, may very well properly detect the 'immutable' bit and clear it, before writing, then re-set the bit after finishing.

Just like they do if you're root and try to write to a file that exists with mode 444.

Essentially, immutable bit was historically a half-baked feature intended to be used with 'securelevel'.

The concept is you are able to mark important system files immutable, and then raise the securelevel. Once the securelevel is raised, the filesystem will not allow important system to be changed without booting in single user mode.

The removal of securelevel from the kernel in 2.4.x likely means that the days of the 'immutable' bit are numbered as well. Some day you may upgrade your kernel, and be surprised to find out immutable doesn't do anything anymore.

The reliable way to turn off gathering of DNS settings from DHCP is to use distro-specific instructions.

For example, in Redhat-based distros you edit /etc/sysconfig/network and specify "PEERDNS=no"

Of course, now that you understand the risk that the immutable bit may stop working for you unexpectedly later, you can go ahead and try setting it anyways... because it's easy, and simpler than configuring your network software the right way.

Redirect DNS

[Krneki]

What is the problem with redirecting wrongly typed Url? It's not like "Page not found" helps a lot. I like OpenDNS search engine, if I miss-type the url.

Re:Redirect DNS

[John+Hasler]

They don't know that the URL was wrongly typed (or typed at all, for that matter). All they know is that they can't find a DNS record for it.

Re:Redirect DNS

[Todd+Knarr]

What's the problem? Well, first the problem is that you're assuming that every DNS lookup is from a Web browser. What happens to my copy of Eclipse, which is not a Web browser but uses DNS lookups and HTTP to find the servers to check for updated files? It depends on getting a "not found" DNS error to tell it when a server doesn't exist anymore, and it's going to have a real hard time when someone usurps that and hands it an HTML page instead of the file-version XML or HTTP 404 error it expects.

The Internet consists of more than humans looking at Web pages in a graphical Web browser.

Firefox workaround? Greasemonkey?

[BrianMertens]

So who wants to whip up a greasemonkey script that redirects the Rogers hijack page to, say, a Google search?

Please?

Opt Out

[gklinger]

Yes, it's obnoxious and offensive and worth pointing out that at the bottom of their 'helpful' page is a link marked LEARN MORE ABOUT THIS PAGE which gives the following explanation:

These search results were provided because the domain name you entered into the address bar is either improperly formatted, currently unavailable, nonexistent, or part of a key word search. Rogers Supported Search Results is a service designed to enhance your web surfing experience by eliminating many of the error pages you encounter as you surf.

No software was installed on your computer for this service to work.

Click here if you would no longer like to receive the Rogers Supported Search Results service.

Now for the best part. All that links does is display this custom error page (with the help of a delightful cookie, no less). Rogers has dug out a crawl space under their all time low. What a bunch of idiots.

Re:Opt Out

Ho ho, That's so funny, Rogers.

But I know for a fact that I'm NOT using Internet Explorer! Haha, Rogers, fooled again!

I use Shaw, and to my knowledge, they haven't pulled off this crap... yet.

How is this news?

[Nethemas+the+Great]

How is this news? In the US at least ISPs have been sending people off to http://wwwwh.found-not-help.com/ type places with DNS spoofing magic for years.

Windstream too

[jarndt]

Windstream started this kind of crap earlier this year. I instantly installed my own DNS server. Shortly after that, I learned that Windstream has alternate clean DNS servers.

166.102.165.32
207.91.5.32
From: http://www.dslreports.com/forum/r19794173-Windstream-DNS-Servers-With-and-Without-Ads

Re:Windstream too

[kevmatic]

Hey, thanks. I have windstream, too. I think I'll switch my DNS server links.

You're unlucky. I ran out of mod points yesterday. Other than this, they've been a great ISP, though.

Slow on the up-take

[IBBoard]

Orange did this in the UK at least 18 months ago, I think. Tech Support wouldn't tell me how to get round it (they didn't seem to understand that I didn't feel it was a "feature"), but I found other DNS servers on the Net.

AFAIK none of it is anywhere close to DPI, though. All the other services do is have a DNS server that goes "If I can't find a legit domain then return the IP of the ISP's web server" and the web server is set to listen for all requests, regardless of domain, and then does a search/advert page based on what domain you used.

Even ignoring the technical aspects it breaks, it's just wrong on so many levels.

Run your own

[CustomDesigned]

I got tired of dealing with braindead or deliberately poisoned DNS servers at ISPs a long time ago. Run your own. It is trivial in linux (install caching-nameserver in EL/Fedora), and I assume OSX. I suspect even Windows has an open source named you could run.

Re:Run your own

[superphreak]

http://www.opendns.com?

Re:Run your own

[rabbit994]

It does but it's a bitch to setup and deal with. Windows server does have DNS server that's quite easy to setup and use.

Re:Run your own

[CustomDesigned]

opendns.com does the very mangling I want to avoid and calls it a feature. At least they tell you they are doing it, and use it for stuff that could benefit end users (filtering allowed site names) as well as their own advertising. But it doesn't solve the problem. It is just a more "open" and up front version of the problem.

Re:Run your own

[m0i]

opendns.com does the very mangling I want to avoid and calls it a feature. At least they tell you they are doing it, and use it for stuff that could benefit end users (filtering allowed site names) as well as their own advertising. But it doesn't solve the problem. It is just a more "open" and up front version of the problem.

Just turn it off (feature called 'typo correction') and you have a rock solid/bug fixed open dns :)

Re:Run your own

[MightyMartian]

I was running Bind 9 quite successfully under Windows 2000 for many years, plus a testbed on XP. I see no reason you couldn't run it in Vista either. Setting up a caching server is pretty trivial.

Re:Run your own

[Dan541]

The point is we shouldn't have to use a third party DNS.

And I was modded

[sokoban]

+1 Insightful

[Rimshot]

At least they are open about it

[CustomDesigned]

They clearly explain that they mangle your DNS requests, and this makes their service "smart". Unfortunately, they do not explain some of the negative ramifications of this. However, their service is targeted to "end-users". Presumably, an email provider would use their own DNS server on a real OS (I do).

Quick to take advantage of a Slashdot link

[markdowling]

Domain Name: ROGERSVIOLATINGNETNEUTRALITY.COM
      Registrar: TUCOWS INC.
      Whois Server: whois.tucows.com
      Referral URL: http://domainhelp.opensrs.net/
      Name Server: NS1.MEDIATEMPLE.NET
      Name Server: NS2.MEDIATEMPLE.NET
      Status: ok
      Updated Date: 19-jul-2008
      Creation Date: 19-jul-2008
      Expiration Date: 19-jul-2009

Corporate VPN Affected

This activity by Rogers is affecting the ability of corporate VPN connections to resolve internal addresses (those located behind their firewalls) leaving Rogers customers unable to access their company's systems.

Re:Corporate VPN Affected

Yeah the VPN problems this causes for me are the biggest PITA going in my mind - I service several clients at any given time by VPN. Before this I would have bet big bucks that I would be using Rogers for at least the next 10 years. Now, if I could find another provider that could give me 10 mbps service for under $100/month, I'd be gone.

Is it wrong to point your DNS forwarder to a root DNS server?

It's Rogers.. why is this news?

[Seek_1]

Anyone who's been a Rogers customer should not be surprised in the least by this.

Attn Rogers Customers : Switch to Teksavvy, its so nice to actually be appreciated by an ISP.

Re:It's Rogers.. why is this news?

[PhilixDMA]

I did switch to Teksavvy and have had a great experience customer service wise. However, do to their reliance on Bell, there's something fishy going on with torrent throttling. Between 4:30p.m. and 1:30a.m., I cannot exceed speed of 25KB/s down and 10KB/s up using torrents. Changing ports didn't help and using some of the 'encryption' schemes didn't either. I called in and was told that because the area I'm in (Near the Islington subway station in Toronto) has alot of torrent traffic, bell has started using traffic shaping. So, Where do I go from here? Any ideas? Rogers is right out and so is Bell. I like Teksavvy, but I don't like having my usage throttled like this.

Re:It's Rogers.. why is this news?

[Griim]

I so badly wanted to switch to Teksavvy, and I did for a short while. The customer service WAS great. So good they told me the truth that I was +5km from the CO and that the wiring going into my apartment had tons of noise on it :(

Sooo, here I am, still on Rogers. I would love to move somewhere closer to a CO.

MTS

[AliasN]

This is not a first in Canada, MTS does this too (mts.net).

more problems

[l3]

I once tried to figure out why my office outlook suddenly took like 3 minutes to start up. Eventually I found out it was trying to connect to "exchangeserver", which is on the lan and not at home. Really nice of the opendns people to forward all these request to their search pages I eventually found out. After I changed the dns servers back to my isp's it outlook fails to resolve and I get to work in offline mode after a few moments of loading.

MANY MANY ISPs are doing this

[MobyDisk]

I complained to my ISP years ago that they did this. But what recourse do I have? They are the only DSL provider in my area. My other option is Comcast.

This is the problem with the stupid telecom monopolies in the U.S. They are granted monopolies, but they don't have to behave fairly. argh!

Frontier/Citizens does this too

Frontier (aka Citizens, frontiernet.net, citlink.net, newnorth.net, epix.net and gvni.com - global valley) does this too. The problem is, when you "opt out" it doesn't stop.

Not by random

[mseeger]

Hi,

this development is not surprising. The biggest surprise for me was the amount of money that an ISP can make by doing this. Given this fact, this trend is a natural result.

Some ISPs even learned lessons from others who were doing so before. Nowadays such a measure is implemented in a transparent way and the resulting page even contains an "opt out" button. It gets pressed only by less than 1% of all users. Why? They don't try to ram down as much advertisement as possible down the customers throat but also give a "value add" (at least for the casual user) in return (e.g. pointing out, where the typed URL may be wrong). Coupled with some heuristics (redirecting wwwww.google.com but not mxx14.somwhere.net) several ISPs introduced this features without any or very little complaints.

Wether i like it or not is a moot point. ISPs make money this way, most customers can live with it, therfore it will happen. Stupid are those ISPs who try to "force" their users to accept it. As Newton stated, any force will produce a "counter force". These "counter forces" result in negative propaganda for those ISPs and get the attention of users who didn't really wonder why their "error page" has changed before.

Given the current security state of DNS in general, the added security risk by answering for NXDOMAINs does not even approach to be a secondary problem. Making DNS more secure in general would close this loophole as well: your browser could inform you about being redirected by your ISP due to a typo.

Sincerely yours, Martin

P.S. My statement is not "this is good" or "this is bad", it's more "this is inevitable".

tried pandora.com, works only with proxy

[1800maxim]

Earlier I went to Pandora... It was redirected to Rogers search page. I know I typed the URL correctly. I realized that my Tor wasn't running (can't listen to Pandora outside the US), I started it, and everything worked well since.

And guess what, we still have to pay for it!

Well this is fair, they make money off the advertising and we pay for the bandwidth that it uses(although its minimal) what makes that fair?

Rogers, you really better get your act straight, just cause im on contract with you guys for another 30 years and pay my full years salary doesn't mean i like you.

Just Use Open DNS

[Woadan]

Just point your browser to OpenDNS at http://www.opendns.com/. Sign up with them and you'll use their DNS servers as opposed to your ISPs. When I mistype something in my browser, they provide assistance in the form of attempting to send you to the site with the correct spelling. It's free, so there's no barrier to using them. Woadan

Rogers haz broken my internetz

This is my first time posting on Slashdot but I feel compelled to expressed how incredibly upset and pissed off I am with Rogers. No longer can I type in "bmo" to get my bank magically :(

I'm waiting for people to start posting pictures of sad looking kittens with captions of "Rogers haz broken my internetz" and what not so that I can start plastering the local Roger's buildings and offices.

Anyhow, I need to go cry in a corner or something :(

I'm on rogers and they also have a fake 404

I use rogers and this just started the other day and has been freaking me out. After I calmed down and actually looked at the page it says you can "opt out" so I did. BUT it doesn't really opt you out they made a fake 404 page that is still on the rogers domain and they send you there. I only caught it because they copied exactly the IE 404 page and I am using a MAC and Safari so when it says my browser is IE it looked kind of funny. This is the same roger that everyone hates so much that apple cut the number of iphones that they sent to canada, or so I heard. Way to go Rogers, winning fans right and left.
 

Cincinnati Bell DSL Too

[jackal40]

Well, seems it's not just the big ISP - my DSL provider (Cincinnati Bell) does the same. I tried the webmale.google.com FTA which sent me to the CB search page. Any suggestions on what tact to take in filing a complaint?

Modifying Router DNS Configuration?

[Cassini2]

Assuming you are running a Linux or OpenBSD based router, would it be possible to modify the configuration of the router so any attempt to reach search.rogers.com results in a NXDOMAIN record being returned? This could be a nifty mod to DD-WRT and similar packages.

I know this isn't the "right" fix, but it might be very effective.

Hold on just a second!

[epp_b]

Do we know that the ISP is actually using "deep packet inspection" to "hijack" DNS error responses to serve a webpage instead?

Frankly, I doubt it. Chances are more likely that the ISPs DNS software has been customized to serve up a webpage instead of respond with a DNS error flag. I don't know what you think constitutes "deep packet inspection", but this certainly doesn't (nor, in my opinion, does it constitute worthiness of a Slashdot story).

Furthermore, nothing about this violates the principle of network neutrality. No packets have filtered, throttled or shaped in any way. I'm afraid that, unless we can prove they are actually checking packets from DNS requests going to other DNS servers, testing for a DNS error, and then serving up a webpage; "net neutrality", "DPI" and "hijacking" have become mere buzzwords to throw around aimlessly to shamelessly attract media attention.

Can someone on a Roger's connection change their TCP/IP or router settings to use OpenDNS and see what happens on a DNS error?

Re:Hold on just a second!

[SQL+Guy]

Did this, and unsurprisingly got taken to http://guide.opendns.com/?url=www.fjldskjfsdf.com [That's not a surprise, right?]

Solution

[Cassini2]

At the risk of replying to my own question, if you are running DNSMasq on your router, you can use the command:

bogus-nxdomain=64.94.110.11

To block any given IP address, and thus override Rogers override. This works to prevent Rogers from displaying its search page, no matter what URL you enter.

You can disable it

I called Rogers and complained about this. I was told that it is possible to opt out by clicking "learn more about this page". It sets a cookie, and that "disables" the ad-loaded search page. What you get instead is a fake error page which looks like the ones that IE makes, which is easy to notice when using !IE. The icons on that error page are broken too, which shows just how half-assed this so-called opting out really is.

Deep Packet Inspection...

[nfk]

Did anyone else read that as Deep Pocket Inspection?

opt out

Helpfully called Supported Search Results
Opting out is just done by using non Rogers DNS servers, although this apparently leaves you in an 'unsupported' state according to the text in the opt out instructions.

DPI: The new evil! But it isn't needed to do this

[Brett+Glass]

Funny how, just because a few self-interested Washington lobbyists have declared it so, DPI is the new Ultimate Evil. Exactly how will we block spam if we don't inspect messages traversing the Net?

It's a sign of this DPI hysteria that this article blames DPI for redirection of domain name lookup failures. The fact is, DPI is not necessary to replace NXDOMAIN answers to DNS queries with pointers to a specific server. All one needs is to do some very simple hacking of the recursive resolver. Which is easy if you are the administrator who is running it.

Summary/article likely invalid

[ameyer17]

This likely has nothing to do with DPI, it's just a DNS server (mis?)configured to return a result for all queries.

Re:Summary/article likely invalid

[ameyer17]

Erm... the subject of my previous post should end with "incorrect" instead of "invalid" (yay sleep deprivation).
Think about it logically, though.
Which would be easier to implement, deep packet inspection to hijack connections to non-existent servers or a DNS server that reports a bogus A record instead of a NXDOMAIN?

Anonymous Coward

Frontiernet does this as well - I just put in an invalid domain name, and instead of the standard error page, I get there nice search engine instead... They've been doing this for at least a year.

Silver lining?

[el+americano]

At least you won't get the Microsoft search page. Weren't they the original employers of this tactic? And for as much as they've been sued, they were never sued for that one.

Expect more of this, although the apparently the buck stops at your ISP. For Network Solutions it was a bridge too far.

You can opt out

[SilverJets]

When you get the Rogers search results page, click on the "learn more" link in the bottom right. Then click the link for no longer getting directed to the Rogers search results page.

Re:You can opt out

[SQL+Guy]

I tried this, and then entered a garbage domain. All it does it take you to http://www20.search.rogers.com/not_found which offers you the chance to "opt in" again. Grrrr.

Rogers' "opt out" (not really) option

I'm on Rogers High-Speed, and they are certainly poisoning my requests. Lots of ads on their invalid URL pages. It has a link on the page, "Learn More About This Page", which brings you to another ad-ridden page with the following text:

"These search results were provided because the domain name you entered into the address bar is either improperly formatted, currently unavailable, nonexistent, or part of a key word search. Rogers Supported Search Results is a service designed to enhance your web surfing experience by eliminating many of the error pages you encounter as you surf.

No software was installed on your computer for this service to work.

Click here if you would no longer like to receive the Rogers Supported Search Results service."

Emphasis theirs, obviously. Clicking the link brings you to another page with the following:

"You have successfully changed the selected landing page returned from the Rogers Supported Search Results service. If you would like to revert back to the default results page, simply delete your "search.rogers.com" cookie or return to options.search.rogers.com

NOTE: If you delete your cookies, or use a program that deletes cookies, you have to repeat this process every time your cookies are deleted."

However, I was quick to note that invalid DNS requests still bring up a Rogers page. It's not the search page -- instead, it's a fake IE "The page cannot be displayed" error! The URL for this is listed as http://www20.search.rogers.com/not_found. AFAICT it even tries to refer to a DLL to load IE-style images.

Funny how I get this message in Firefox. It does the whole "Cannot find server or DNS Error; Internet Explorer" thing. Rogers makes no reference to Microsoft trademarks on this page, funny enough.

The only thing different about the page is a link at the bottom, "Change to Supported Search Results option".

Rogers, you fucking fail.

Rick Rolled

[piemcfly]

From the article:

Kaminsky demonstrated the vulnerability by finding a way to insert a YouTube video from 80s pop star Rick Astley into Facebook and PayPal domains

Right, and...

[Stu+Charlton]

Nick Negroponte is a stunning success. not.

Ted's many things, but stupid isn't one of them.

Common in the US

[ChaosDiscord]

Why does this require deep packet inspection? From the description, the ISP is just replacing failed DNS responses with their own IP address. While scummy, my local cable internet provider did it two years ago, and my local DSL provider did it a few months ago. High speed internet is not available where I live without this "feature." (You can work around it by not using their DNS servers. Which is annoying as hell; I shouldn't have to use a third party's DNS server, or run my own, just to get proper service. I should be able to use my upstream provider; it's better for everyone involved.)

Easy Work Around: change User-Agent

$ curl -I "psufsdfsdf.com" -A "Mozilla"
HTTP/1.1 302 Document has moved Location: http://www20.search.rogers.com/search?qo=psufsdfsdf.com&rn=U6do4kni7b5-cE2
running curl without modifying user agent will get proper results.
Modify Headers currently isn't working for me to modify the User-Agent http header. Try some other firefox addon, if anyone knows of one that works properly.

MTS

[Scare,+code+monkey]

Canadian ISP MTS (Manitoba Telephone System?) is doing it too.

Telefonica (Brazil)

[fczuardi]

Telefonica ISP in Brazil (Speedy) is doing the same thing, redirecting unresolved domains to ajudanabusca.com.br which contains ads from Yahoo searchmarketing.

Don't file a complaint, just use the right site!

[freaker_TuC]

Fixed it for you: webmale.google.com.

I'm not taking any more crap from Rogers

[lamz]

I first noticed this morning that Rogers was re-directing my DNS errors. My first instinct was to switch to another ISP provider. Then, I had a better idea.

I've decided to stop paying my Rogers bill.

How do you like me now, Rogers?

Anonymous Coward

I haven't seen any mention of something much worse that Earthlink is doing: even if you choose not to use their DNS servers (by configuring your clients to point to a known non-earthlink server), they hijack port 53 traffic and redirect it to their own servers. So not only do the default DNS servers they give you do this hijacking, they prevent you from using your own servers as well.

TDS too

[Eil]

TDS does this as well and their tech support didn't know what I was talking about when I brought it up. Way to break the RFCs! This is one of the reasons I went back to another provider.