Home page logo

nanog logo nanog mailing list archives

Re: US internet providers hijacking users' search queries
From: Scott Helms <khelms () ispalliance net>
Date: Sat, 06 Aug 2011 10:41:10 -0400

Correct, I don't believe that any of the providers noted are actually hijacking HTTP sessions instead all of these are DNS based tricks. Since the service providers are also providing DNS (via Paxfire and others) users don't have a lot of choice. You can switch to using a known public name server (Google's for example) but I hesitate to recommend that to most end users because in non-evil networks its better to have local name resolution (because of GSLB & other reasons).

On 8/5/2011 9:14 PM, Joe Provo wrote:
On Fri, Aug 05, 2011 at 05:04:51PM -0700, Bino Gopal wrote:
It is more than slightly misleading to say "hijacking search
queries"; paxfire is evil as it hijacks dns and breaks NXDOMAIN
and they've been doing that for ages. The user behavior of
searching in the address bar has become more common place, and
browser behavior to try and resolve first, fallback to search
for the same input field has both trained the humans to keep
doing this and made it possible for DNS query interlopers to
appear to be generic-search interlopers.

Scott Helms
Vice President of Technology
ISP Alliance, Inc. DBA ZCorum
(678) 507-5000

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]