North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Hey, SiteFinder is back, again...

  • From: Stefan Bethke
  • Date: Tue Nov 06 00:39:25 2007

Am 05.11.2007 um 17:16 schrieb Stephane Bortzmeyer:

3) Provide DNS recursors which do the mangling *and* block users,
either by filtering out port 53 or by giving them a RFC 1918 address
with no NAT for this port.

I've seen 1) and 2) in the wild and I am certain I will see 3) one day
or the other.

Just recently in NYC, the hotel "internet" connection did intercept any UDP traffic to *:53, redirecting it to their resolver. Which did not only serve their own A records for names that should have returned NXDOMAIN, but also returned "better" answers than you normally would get (requesting pages from delivered pages from ). Of course it even did that after I had paid and clicked through their walled garden site.


Stefan Bethke <[email protected]>   Fon +49 170 346 0140