homepage Welcome to WebmasterWorld Guest from 54.197.215.146
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / WebmasterWorld / Domain Names
Forum Library, Charter, Moderators: buckworks & webwork

Domain Names Forum

    
ICANN: Harms Caused by NXDOMAIN Substitution
engine




msg:4032132
 11:42 am on Nov 26, 2009 (gmt 0)

ICANN: Harms Caused by NXDOMAIN Substitution [pcworld.com]
ICANN (Internet Corporation for Assigned Names and Numbers) on Tuesday condemned the practice of redirecting Internet users to a third-party Web site or portal when they misspell a Web address and type a domain name that does not exist.

Rather than return an error message for DNS (Domain Name System) requests for nonexistent domains, some DNS operators send back the IP (Internet Protocol) address of another domain, a process known as NXDOMAIN substitution. The target address is often a Web portal or information site.

Handling DNS requests this way has a number drawbacks that could lead to the Internet not working properly, according to ICANN.


 

stormy




msg:4032197
 1:59 pm on Nov 26, 2009 (gmt 0)

That's great news! Now how do I get my ISP to stop doing that?

swa66




msg:4032222
 2:53 pm on Nov 26, 2009 (gmt 0)

Now how do I get my ISP to stop doing that?

You can vote with your buying power:
Cancel your contract and make sure they know why you did.

The case presented by the companies selling this scam as a service to your ISP is quite compelling and hard to combat unless customers are willing to walk. "Churn" is what telco's hate to have and by far the best argument to combat the scheme.

Hugene




msg:4032250
 3:54 pm on Nov 26, 2009 (gmt 0)

My ISP has a setting that you can click on to disable this, but it goes in a cookie. That's really scary cause basically, they probably read a cookie to see if to hijack my DNS result or not, every time.

That practice should be made illegal by lawmakers. Yet something more we could add to Net Neutrality.

Imagine your TV cable operator hijacking the empty channels to put some of their stuff. Pure craziness.

moltar




msg:4032275
 4:37 pm on Nov 26, 2009 (gmt 0)

Change your DNS to OpenDNS

GaryK




msg:4032331
 6:51 pm on Nov 26, 2009 (gmt 0)

Change your DNS to OpenDNS

I thought OpenDNS was one of the worst offenders. Even when I'm logged-in to my OpenDNS account and I enter a non-existent domain name they show me a page of sponsored links.

Imagine your TV cable operator hijacking the empty channels to put some of their stuff. Pure craziness.

Mine does exactly that!

IanTurner




msg:4032344
 7:26 pm on Nov 26, 2009 (gmt 0)

There are some interesting benefits from the lawmakers perspective of this practice. It could allow them to cut off a lot of access to specific domains if they contact these DNS providers - this can be used to help in clamping down on illegal sites (such as phishing sites) that use fast flux IP addresses.

Whether the lawmakers would want to make NXDOMAIN substitution practices illegal (especially in countries outside of the US) is unlikely.

Change your DNS to OpenDNS

Agree they are one of the worst offenders - it is not that difficult to set up your own DNS server and link it directly in to the root servers.

commanderW




msg:4032377
 8:21 pm on Nov 26, 2009 (gmt 0)

Comcast started doing this some months ago. I was immediately irritated because I could not tell why I got the wrong domain. Did I type it wrong, or was the domain no longer there. MY web browser gives an error, under normal conditions, which I find quite helpful. Winding up at my ISPs faux info MFA portal instead really made my blood boil. I pay 50$ a month for high speed access. Why do they need to redirect my browser to their landing page. It really is just an MFA landing page they're operating! So-called 'helpfull suggestions' for what site I might be looking for are redundant at best (I get better results on Google), and an interference in my affairs at all times. I 'opted-out' of course. But I do want to know what this means. A cookie you say?! They should restore my previous normal connection to the internet, period.

it is not that difficult to set up your own DNS server and link it directly in to the root servers.

Well, that's one way out that I hope I don't have to investigate further.

With ICANN's announcement maybe complaints might gain some weight. I hate this. It seems some ISP's, like Comcast, never tire of finding ways to interpose themselves in the flow of traffic between their customers computers and the world. Sandvine throttling was basically a 'man-in-the-middle' attack. This is DNS hijacking. If I did it, the FBI would be kicking down the door!

moltar




msg:4032438
 10:44 pm on Nov 26, 2009 (gmt 0)

OpenDNS displays a custom search result page only when the domain isn't temporary responding, but not for non-existing domains. I actually find that page useful, even though it does have ads.

mcavic




msg:4032481
 1:20 am on Nov 27, 2009 (gmt 0)

it is not that difficult to set up your own DNS server

True. I run my own DNS on my XP workstation, for a different reason. I had to pay for the software, but it's full-featured, fast, and easy.

davelms




msg:4032583
 7:54 am on Nov 27, 2009 (gmt 0)

OpenDNS displays a custom search result page only when the domain isn't temporary responding, but not for non-existing domains.

I get the same OpenDNS "guide" page with ads on it for non-existing domains too, as well as when a site is temporarily not responding.

moltar




msg:4032827
 5:53 pm on Nov 27, 2009 (gmt 0)

I get the same OpenDNS "guide" page with ads on it for non-existing domains too, as well as when a site is temporarily not responding.

that's weird. maybe i have a grandfathered account? i just tried a bunch of different typos and all of them resulted in firefox page, not opendns. i also don't see any settings to turn it on/off. I however found a references from a couple of years ago, one of the OpenDNS people commenting on a blog entry saying that they can turn it off if you ask for it. I don't remember asking myself though.

Philosopher




msg:4032852
 6:33 pm on Nov 27, 2009 (gmt 0)

This annoys the hell out of me. I currently use Charter and they do the same thing. I've opted out of their service, but they STILL don't show the default error page. Instead I get bounced to URL on their site that displays the default error message.

g1smd




msg:4033305
 7:36 pm on Nov 28, 2009 (gmt 0)

When an entered domain does not exist because of a user typo, the normal DNS error allows the user to correct that error and try again.

When the typo is redirected[or DNS hijacked], the browser's URL bar shows a different URL which means the user has to type the whole URL again.

I avoid any ISP that does this.

gpilling




msg:4033609
 6:43 pm on Nov 29, 2009 (gmt 0)

qwest does it as well with their DSL service. very annoying.

ColinPL




msg:4034875
 9:34 pm on Dec 1, 2009 (gmt 0)

That's great news! Now how do I get my ISP to stop doing that?

Change your DNS servers to #.#.#.1 and #.#.#.2.

[edited by: Webwork at 3:39 am (utc) on Dec. 2, 2009]
[edit reason] No specifics please [/edit]

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Domain Names
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved