Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security The Internet IT

New Jersey's Cablevision Hijacks DNS Error Pages 200

Posted by timothy from the fine-line-between-service-and-serviced dept.
Selikoff writes "I just noticed Cablevision's Optimum Online service has begun hijacking DNS Error pages with, you guessed it, ad-supported results. Aside from hurting the underlying stability of the Internet, there have been instances where hackers have used such tools against customers. I know Road Runner customers have had to deal with this for a couple months now, although at least they have an outlet to turn it off." Update: 09/30 13:18 GMT by T : Note, as several readers have pointed out, this hijacking is of DNS errors rather than 404 errors as originally presented.
This discussion has been archived. No new comments can be posted.

New Jersey's Cablevision Hijacks DNS Error Pages More

New Jersey's Cablevision Hijacks DNS Error Pages

Comments Filter:

  • Comment removed (Score:3, Interesting)

    by account_deleted ( 4530225 ) on Tuesday September 30, 2008 @09:04AM (#25203521)
    Comment removed based on user account deletion

  • Possible solution? (Score:5, Interesting)

    by Gordonjcp ( 186804 ) on Tuesday September 30, 2008 @09:07AM (#25203559) Homepage

    They're returning adverts for failed DNS lookups, not 404 pages, as others have helpfully pointed out.

    How about a script that hammers suitably random fake domain names continuously (different ones every time)? If the scammers^W advertisers are paying per impression this will majorly hurt their pockets.

  • Re:Possible solution? (Score:4, Interesting)

    by hal9000(jr) ( 316943 ) on Tuesday September 30, 2008 @09:16AM (#25203637)
    How about a script that hammers suitably random fake domain names continuously (different ones every time)? If the scammers^W advertisers are paying per impression this will majorly hurt their pockets.

    Wouldn't that actually help. The impression revenue is probably tied to ad's that are *presented*. If you simply did a bunch of look-ups on fake names, all you would get are A records to the ad page. You would then have hit the web server, download the page and any elements. Then the advertisers would be paying per impression.

  • OpenDNS does this (Score:3, Interesting)

    by fprintf ( 82740 ) on Tuesday September 30, 2008 @09:19AM (#25203659) Journal

    I just redirected my DNS queries to OpenDNS, mostly because of the content/phishing filtering they offer but also some of the statistics on my connection. They make their money, or propose to, by doing this very thing... redirecting Domain Not Found error messages to ad supported pages.

  • Re:Possible solution? (Score:4, Interesting)

    by Piranhaa ( 672441 ) on Tuesday September 30, 2008 @09:30AM (#25203781)

    As much as I hate dns being hijacked (I don't have the issue as I run my own), I'm sure these ISPs view it in a different light. Their argument will be that it's a 'feature' rather than being intrusive on people's browsing: "Helping our customers get to the proper website" or that it helps keep the price of the internet service low so you don't have to pay as much per month. Also, if you start hammering this, I'm sure a flag will rise (if they're at least half smart) and they'll send a nice email out to you stating that you're abusing your service, yada yada..

    Not that any of this is a good thing, but you gotta see it from another prospective...

  • Re:OpenDNS does this (Score:3, Interesting)

    by geminidomino ( 614729 ) * on Tuesday September 30, 2008 @09:37AM (#25203863) Journal

    They make their money, or propose to, by doing this very thing... redirecting Domain Not Found error messages to ad supported pages.

    If that's the case then, regardless of how ethical or up-front they may be about it, then they are unsuitable for certain uses. Ran into this when earthlink started doing this crap and I was running a dnsbl for my own mail server, with forwarding set to one of ELN's DNS servers. Suddenly nothing came through. It was because everything was coming back as a hit.

  • Re:Give me a break... (Score:5, Interesting)

    by geminidomino ( 614729 ) * on Tuesday September 30, 2008 @09:50AM (#25204013) Journal

    Site finder was slightly different from this, in its scope. I doubt ICANN will get involved

    Verisign abused it's stewardship of the DNS Root servers (i.e. the Nameserver's nameservers, those servers that every(?) nameserver contacts to find out who to query...etc...).

    In other words, if your ISP is doing something douchy like this, you can use another nameserver/run your own. That was not really an option with sitefinder

  • Re:Possible solution? (Score:3, Interesting)

    by halcyon1234 ( 834388 ) <halcyon1234@hotmail.com> on Tuesday September 30, 2008 @10:13AM (#25204215) Journal

    That's the great thing about DNS servers-- just like a customer of the ISP doesn't need to use the ISP-provided servers, you don't need to a customer of the ISP to use the ISP provided servers.

    The OP can still use their plan to hammer the servers without violating their terms of service. Just get a bunch of non-customers to switch their DNS to EvilCorp. Write a script to throw out DNS-error requests. Scoop up all the ad-crap that sluices down the tubes, and poison the results. Once you have all the data you need, you can forge your own "impression" requests. Slap them as background "pixel" requests onto the webpage of your choice, throw a LoLCat on it, and let the teeming millions do the rest of the work for you.

  • Re:Possible solution? (Score:3, Interesting)

    by Suzuran ( 163234 ) on Tuesday September 30, 2008 @10:24AM (#25204297)

    And when your service is shut off for excessive downloading?

Slashdot Top Deals

You knew the job was dangerous when you took it, Fred. -- Superchicken

Close