Tigraine

Daniel Hoelbling-Inzko talks about programming

Help! My provider hijacks my DNS requests!

Posted by Daniel Hölbling on June 26, 2009

Today I followed a link to a no longer active domain and suddenly found myself on UPC’s (my provider) search looking for that URL:

image

My first reflex was to check if my default search provider may be set wrong:

image

Woot? No, my search provider is Google. I just queried a DNS record that does not exist, and I got a result back instead of a DNS error. Now, imagine my head going red and some danger lights starting to flash.

First test I did to confirm my suspicions: open a raw putty connection on port 80 to some random DNS I know doesn’t exist:

image

Then I just did a basic HTTP GET request from my console to see what the server would return:

image

Ok, so what just happened here? First of all, there should be no web server to accept my connection! Hell, I shouldn’t even be able to resolve to an IP address!

So, running a quick nslookup turned up something interesting:

nslookup www.lksdafklsdlkfdsf.com Server:  viedns09.chello.at Address:  195.34.133.21
Apparently, UPC is abusing the trust I place in them (by using their DNS server) and resolves ALL requests that can’t be resolved (don’t exist) to their own server that will redirect all HTTP traffic with a 302 status code to their search service.

Now, why is this bad? Isn’t search something I like when mistyping a URL?

Oh, it’s bad I promise you. It’s bad for many different reasons:

  1. All browsers will search anyway if a URL can’t be resolved
  2. My browser thinks the bad domain name actually exists
  3. UPC search sucks
  4. I can’t do anything about it short for changing my DNS server
I do set that search provider inside my browser quite consciously, and I do that for a reason. Google knows my preferences, Google has a search history I use quite often, Google is set to US so it won’t sort German results to the top of the list. And most important: Google has a cached version of almost every page on the interwebz so even expired sites can be looked at with Google.

So, whenever UPC is hijacking my bad DNS request to redirect me to their stupid little search, they take away my freedom of choice and force me (and all users of Chello/Inode in Austria) to override my browsers default behavior in favor of an inferior solution so they generate more search volume on their stupid service!

Only Solution: Pick another DNS. There are plenty of DNS servers out there that will gladly satisfy requests, only drawback is that they aren’t located in my provider’s subnet and therefore won’t be as fast as the one I used before.

This is just sad. Very very sad.

Filed under internet, personal
comments powered by Disqus

My Photography business

Projects

dynamic css for .NET

Archives

more