Slashdot Mirror

← Back to Stories (view on slashdot.org)

Comcast Intercepts and Redirects Port 53 Traffic

Posted by kdawson on from the why-we-need-ipv6 dept.

An anonymous reader writes "An interesting (and profane) writeup of one frustrated user's discovery that Comcast is actually intercepting DNS requests bound for non-Comcast DNS servers and redirecting them to their own servers. I had obviously heard of the DNS hijacking for nonexistent domains, but I had no idea they'd actually prevent people from directly contacting their own DNS servers." If true, this is a pretty serious escalation in the Net Neutrality wars. Someone using Comcast, please replicate the simple experiment spelled out in the article and confirm or deny the truth of it. Also, it would be useful if someone using Comcast ran the ICSI Netalyzr and posted the resulting permalink in the comments.

4 of 527 comments (clear)

  1. Not happening to me by jimmyhat3939 · · Score: 5, Informative

    I'm a Comcast user, and I run a DNS server for a few private domains that only I use. I have not experienced this, and I just verified that it's not currently happening. I'm in California if that matters.

    --
    Free Conference Call -- No Spam, High Quality
    1. Re:Not happening to me by whoever57 · · Score: 5, Informative

      Are you certain? If they are redirecting the traffic in their network so that one of their DNS servers responds to the query as if it was your DNS server

      I'm certain. I sent a query to a DNS server that I control. I ran tcpdump on the DNS server and I could see the packets from my home IP address coming in with the query and the refusal going out (I asked the DNS server that I control to resolve yahoo.com, which it should refuse to do).

      --
      The real "Libtards" are the Libertarians!
    2. Re:Not happening to me by whoever57 · · Score: 5, Informative

      Just to be clear about the parameters of this test... I assume the PC from which you sent the request isn't on the same local network as the DNS server?

      The machine from which I sent the request is connected to a Comcast residential Cable Internet connection. The server at the other end is a virtual machine in a colo facility somewhere -- not a Comcast facility. And before anyone asks, I tried both tcp and udp requests with the same result (no interception, no transparent proxy).

      --
      The real "Libtards" are the Libertarians!
  2. So let me see if I have this straight... by BaronHethorSamedi · · Score: 5, Informative

    An anonymous reader submits a "story" linking to a random blog spouting off rumors about a nefarious scheme by Comcast to redirect port traffic. The "story" is then published under a headline asserting the rumor as fact, while the summary is actually a plea for the fact-checking on the story to be done by readers.

    News for nerds, indeed.