Home page logo
/

nanog logo nanog mailing list archives

Re: US internet providers hijacking users' search queries
From: Owen DeLong <owen () delong com>
Date: Sat, 6 Aug 2011 09:55:34 -0700

I prefer running my own resolver. It's pretty trivial to do on a Mac and I would tend to
think wouldn't be all that hard on Windows, though I have no idea.

A resolver doesn't get much more local than ::1/128.

Owen

On Aug 6, 2011, at 7:41 AM, Scott Helms wrote:

Correct, I don't believe that any of the providers noted are actually hijacking HTTP sessions instead all of these 
are DNS based tricks.  Since the service providers are also providing DNS (via Paxfire and others) users don't have a 
lot of choice.  You can switch to using a known public name server (Google's 8.8.8.8 for example) but I hesitate to 
recommend that to most end users because in non-evil networks its better to have local name resolution (because of 
GSLB & other reasons).

On 8/5/2011 9:14 PM, Joe Provo wrote:
On Fri, Aug 05, 2011 at 05:04:51PM -0700, Bino Gopal wrote:
http://www.newscientist.com/article/dn20768-us-internet-providers-hijacking-users-search-queries.html
It is more than slightly misleading to say "hijacking search
queries"; paxfire is evil as it hijacks dns and breaks NXDOMAIN
and they've been doing that for ages. The user behavior of
searching in the address bar has become more common place, and
browser behavior to try and resolve first, fallback to search
for the same input field has both trained the humans to keep
doing this and made it possible for DNS query interlopers to
appear to be generic-search interlopers.




-- 
Scott Helms
Vice President of Technology
ISP Alliance, Inc. DBA ZCorum
(678) 507-5000
--------------------------------
http://twitter.com/kscotthelms
--------------------------------


Attachment: smime.p7s
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]