Slashdot Mirror

← Back to Stories (view on slashdot.org)

Comcast the Latest ISP To Try DNS Hijacking

Posted by timothy on from the c'mon-fellas dept.

A semi-anonymous reader writes "In the latest blow to DNS neutrality, Comcast is starting to redirect users to an ad-laden holding page when they try to connect to nonexistent domains. I have just received an email from them to that effect, tried it, and lo and behold, indeed there is the ugly DNS hijack page. The good news is that the opt-out is a more sensible registration based on cable modem MAC, rather than the deplorable 'cookie method' we just saw from Bell Canada. All you Comcast customers and friends of Comcast customers who want to get out of this, go here to opt out. Is there anything that can be done to stop (and reverse) this DNS breakage trend that the ISPs seem to be latching onto lately? Maybe the latest net neutrality bill will help." Update: 08/05 20:03 GMT by T : Here's a page from Comcast with (scant) details on the web-jacking program, which says that yesterday marked the national rollout.

3 of 352 comments (clear)

  1. Re:Serious question by ground.zero.612 · · Score: 3, Funny

    You're IT for a business. You have employees who check their e-mail from home, accessing your stuff via a split tunnel VPN.

    The computer tries to resolve internalmail.company.com, and normally this should fail, causing the computer to try the VPN's DNS server.

    Instead, your employee's computer gets Comcast's search page server. Their mail client times out.

    You get inundated with tech support calls.

    I fail to see, using your scenario, why Comcast's DNS server would effect the company's internal DNS server, thus creating the conflict you alluded to. Since I'm not sure why Comcast would know anything about the company's internal network... If you meant:

    The computer tries to resolve webmail.company.com , and normally this should fail, causing the computer to try the VPN's DNS server.

    ... then it almost makes sense... but only if you have a poorly constructed hosts file and route.

    --
    "Be prepared, son. That's my motto. Be prepared." --Joe Hallenbeck
  2. It still takes 2 days to opt-out. by WarJolt · · Score: 4, Funny

    Your opt-out request has been confirmed. We will complete processing of this request within 2 business days.

    I wonder if /.ing the Comcast request page makes it take longer. ;-)

  3. Re:Serious question by RegularFry · · Score: 3, Funny

    Allegedly the Cisco client behaves in exactly the way the GP describes.

    --
    Reality is the ultimate Rorschach.