Eastlink are hijacking DNS
thparkth
standards, screwing up their customers' applications, and creating
potential security holes by hijacking our DNS queries.
Try it now, if you're an Eastlink customer.
http://www.thisdomaindoesntexistIpromiseyouitreallydoesnt.com
Or hey, drop to your CMD prompt and do
ping pop.eastlink.ca
That host really exists. Many of you probably use it for your email.
Now let's say you had made a typo when you set up your mail program:
ping popp.eastlink.ca
Huh? That exists too? Of course it does, *.eastlink.ca exists now and
all of them are that crappy ad-strewn Yahoo search page. So you'd
still get an error from your mail program, but it would have nothing
to do with the actual fault, and goodness knows how long it would take
to troubleshoot it.
Maybe you use Firefox or Chrome and quite like the page you get when
you mistype a domain name, or even just type some keywords into the
address bar instead of a web address? Too bad, Eastlink have decided
you will now get their crappy Yahoo page instead of what YOU had
chosen. And you can't opt out.
Think that's the worst of it? Sadly not. If you use VPN software, best
check that it still works. Your PC won't bother to try to find hosts
via your VPN connection if they exist in your primary ISP's DNS range.
And remember, *.eastlink.ca now exists. So you can no longer use
unqualified host names via your VPN. For the ones where you actually
get to type in the name, you can probably work around it by typing
"name.yourcompany.com" or similar, but what about the ones where you
don't get to type it, like company applications and intranet web
sites? Most of it just won't work.
This is a blatant breach of Internet technical standards. Eastlink
need to know they we, their customers, didn't ask for this and don't
want it. If you agree with me, please consider joining this facebook
group:
http://www.facebook.com/group.php?gid=153235963294
Cheers,
Andrew
ve1jot
> Eastlink has joined the ranks of ISPs who are breaking Internet
> standards, screwing up their customers' applications, and creating
> potential security holes by hijacking our DNS queries.
>
> Try it now, if you're an Eastlink customer.
>
> http://www.thisdomaindoesntexistIpromiseyouitreallydoesnt.com
ve1jot
> Eastlink has joined the ranks of ISPs who are breaking Internet
> standards, screwing up their customers' applications, and creating
> potential security holes by hijacking our DNS queries.
>
> Try it now, if you're an Eastlink customer.
>
> http://www.thisdomaindoesntexistIpromiseyouitreallydoesnt.com
>
> Or hey, drop to your CMD prompt and do
>
> ping pop.eastlink.ca
>
> That host really exists. Many of you probably use it for your email.
> Now let's say you had made a typo when you set up your mail program:
>
> ping popp.eastlink.ca
desktop:~$ ping popp.eastlink.ca
ping: unknown host popp.eastlink.ca
desktop:~$
thparkth
> Tried it, got a page not found error!
You're lucky, most people are getting redirected to this:
http://search.eastlink.ca/subscribers/assist?url=www.rewrwerew.com
This is happening at DNS level, so if you have manually configured DNS
entries (more than likely for a VE1er!) rather than automatic DHCP
settings you may be escaping it.
Cheers,
Andrew
thparkth
> desktop:~$ ping popp.eastlink.ca
> ping: unknown host popp.eastlink.ca
> desktop:~$
Care to share your /etc/resolv.conf?
The Eastlink servers being offered (to me at least) via DHCP are
24.222.0.94
24.222.0.95
If you try
dig @24.222.0.94 popp.eastlink.ca
you'll see the issue.
Cheers,
Andrew
ve1jot
ve1jot
ve1jot
Disabled
Connection Type
Automatic Configuration - DHCP
Login Status
Connection Uptime
6 days, 23:44:28
IP Address
xx.xxx.xx.xx
Subnet Mask
255.255.252.0
Gateway
24.224.212.1
DNS 1
24.222.0.96
DNS 2
24.222.0.97
thparkth
> DNS 1
> 24.222.0.96
> DNS 2
> 24.222.0.97
Yup, those particular nameservers aren't doing DNS hijacking (yet?). I
see you're not in HRM which may be a factor.
Cheers,
Andrew
ve1jot
servers, altho I could prolly just set up my own, lol!
Cheers, and gl!
JJ
John
So THAT'S what changed over the past couple of days! I noticed a
useless Eastlink page appearing where it's never appeared before.
John
> > Eastlink has joined the ranks of ISPs who are breaking Internet
> > standards, screwing up their customers' applications, and creating
> > potential security holes by hijacking our DNS queries.
>
> > Try it now, if you're an Eastlink customer.
>
> >http://www.thisdomaindoesntexistIpromiseyouitreallydoesnt.com
>
> Tried it, got a page not found error!
I got a "Sorry, we are currently experiencing difficulties. Please try
again." this morning.
Raider
>you mistype a domain name, or even just type some keywords into the
>address bar instead of a web address? Too bad, Eastlink have decided
>you will now get their crappy Yahoo page instead of what YOU had
>chosen. And you can't opt out.
Same thing happened to me. I changed my hosts file to redirect
search.eastlink.ca to my local machine.
Eastlink has no business knowing what I search for. Besides
monitoring customers, I have no idea why they would want to do this.
thparkth
If...
* you mistype a domain name, and rather than fixing your error...
* you do a search via their Yahoo page, and rather than clicking on
one of the results...
* you click on one of the ads on the search results page...
..then Eastlink get like $0.03.
I guess they're figuring that, multiplied by the size of their user
base, the number of people who will actually end up clicking ads is
significant enough to make it worth their while.
Cheers,
Andrew
a
Use OpenDNS.
a
thparkth
> Use OpenDNS.
Open DNS does this hijacking also - it's not an alternative if you're
concerned about this.
By the way, it turns out you can opt out of this Eastlink "feature" by
clicking here:
http://searchmanager.eastlink.ca/optout.php?brand=eastlink&lang=
Cheers,
Andrew
a
Use OpenDNS:
http://www.opendns.com/
It's highly configurable - you don't have to use their domain filters or
dns redirects to a search page...
a
a
> On Oct 13, 9:26 am, a <a...@thisisnotmyrealemail.com> wrote:
>
>> Use OpenDNS.
>
> Open DNS does this hijacking also - it's not an alternative if you're
> concerned about this.
Not if you turn it off on their the settings page.
a
a
> business either.
>
They will know everything you look at regardless of your dns settings,
they're you ISP for chrissake.
a
thparkth
> Not if you turn it off on their the settings page.
>
> a
There is no setting for that. I tried last night.
See here for confirmation:
http://forums.opendns.com/comments.php?DiscussionID=4964
Cheers,
Andrew
a
Try again. If you turn off "typo correction", it disables the guide, or
"search" feature and you get the standard "page not found" error.
The majority of the kb articles on the feature are OpenDNS users who want
to retain the functionality of their OpenDNS shortcuts, URL correction,
phishing protection, and content filtering and NOT have the guide.
I don't use those "features" - just the DNS resolving.
a
A guy
> Eastlink has joined the ranks of ISPs who are breaking Internet
> standards, screwing up their customers' applications, and creating
> potential security holes by hijacking our DNS queries.
From what I can tell, this applies to residential customers only. At work we
don't see that silly Eastlink page. At home, though, I see it.
I've opted out[1] and need to figure out who I should register a complaint
to about this. I guess sup...@eastlink.ca??? Anyone know?
[1] http://searchmanager.eastlink.ca/optout.php?brand=eastlink&lang=
schooner
"A guy" <re...@togroup.tld> wrote in message
news:xViBm.48052$Db2.40134@edtnps83...
It didn't show up for me until today, so they may be rolling it out across
accounts. Regardless it screws up any internal network references to
computers by name. There is however an opt out on the Eastlink page that
turns it off.
a
> I type in a URL that doesn't exist.
>
Well, duh...
a
thparkth
> Apparently you don't understand so I'll explain it for you. Before
> Eastlink started their "search manager" I would get an error message
> telling me that the URL could not be located. Now I get a blank white
> screen after I opted out.
Donna, if you go to a CMD window and typed "nslookup
www.thesitethatdoesntexistblahblah.com", does it come back with a "Non-
existent domain" message?
If so, the Eastlink opt-out has worked and the issue is with your
browser.
If not - if you get ANY IP address back from the nslookup - Eastlink
are still screwing with you.
For what it's worth, even though I opted out a few days ago, Eastlink
are now hijacking my DNS again.
Andrew
Acru Fox
I was wondering why the hell I couldn't remote desktop into my machine for
the last couple days.
Thanks for posting this thread, I had opted out the first time around and
Eastlink re-hijacked my DNS again :|
"thparkth" <andyt...@gmail.com> wrote in message
news:de34e623-a632-4c6c...@h13g2000yqk.googlegroups.com...
> Eastlink has joined the ranks of ISPs who are breaking Internet
> standards, screwing up their customers' applications, and creating
> potential security holes by hijacking our DNS queries.
>
> Try it now, if you're an Eastlink customer.
>
> http://www.thisdomaindoesntexistIpromiseyouitreallydoesnt.com
>
> Or hey, drop to your CMD prompt and do
>
> ping pop.eastlink.ca
>
> That host really exists. Many of you probably use it for your email.
> Now let's say you had made a typo when you set up your mail program:
>
> ping popp.eastlink.ca
>
> Huh? That exists too? Of course it does, *.eastlink.ca exists now and
> all of them are that crappy ad-strewn Yahoo search page. So you'd
> still get an error from your mail program, but it would have nothing
> to do with the actual fault, and goodness knows how long it would take
> to troubleshoot it.
>
> Maybe you use Firefox or Chrome and quite like the page you get when
> you mistype a domain name, or even just type some keywords into the
> address bar instead of a web address? Too bad, Eastlink have decided
> you will now get their crappy Yahoo page instead of what YOU had
> chosen. And you can't opt out.
>
a
>
>> If so, the Eastlink opt-out has worked and the issue is with your
>> browser.
>
> That does appear to be so since I am getting the standard error
> message in my other browsers and in Firefox on my secondary computer.
> A BHO was installed in Firefox and I need to get rid of it.
>
Oh, now who on Earth could have seen that steaming up the harbour?
(10/14/2009 3:25 PM)
a
a
> *sigh*
>
> I was wondering why the hell I couldn't remote desktop into my machine
> for the last couple days.
>
*Bigger Sigh*
That has absolutely *nothing* to do with you RDP-ing to your home PC.
a
thparkth
> *Bigger Sigh*
>
> That has absolutely *nothing* to do with you RDP-ing to your home PC.
Assuming he's talking about RDPing to his work PC via a VPN - a very
usual thing to do these days - then yes, it would affect it. In fact
that's how I first noticed the issue.
Cheers,
Andrew
a
Assume nothing.
a
schooner
"a" <a...@thisisnotmyrealemail.com> wrote in message
news:oPOBm.48218$Db2.28959@edtnps83...
It impacts RDP within your local network, had same issue here, anything
referenced by computer name was getting screwed up by the DNS change, unless
you did a host file entry. Also screwed up connections to locally named
Subversion server. Suprised me it would impact those as well but it did and
was a PITA at the time until I discovered it was Eastlink DNS causing it.
Acru Fox
client and you cannot connect, and you ping that machine and get
"computername.eastlink.ca" with a ping of 60ms you know something is up with
Eastlink doing something. Especially after I pulled the plug on the cable
modem, after a few seconds my internal network names went back to normal.
It's funny people keep saying that I have no idea what I'm talking about
without actually having this experience first hand.
"a" <a...@thisisnotmyrealemail.com> wrote in message
news:oPOBm.48218$Db2.28959@edtnps83...
thparkth
> By the way, it turns out you can opt out of this Eastlink "feature" by
> clicking here:
>
> http://searchmanager.eastlink.ca/optout.php?brand=eastlink〈=
Opting-out seems to expire after a few days. I've had to re-do it
twice now. I guess Eastlink are hoping I'll change my mind.
This really is unacceptable. At the very least they should have enough
respect for their customers to make the opt-out permanent.
Cheers,
Andrew
Acru Fox
Eastlink can keep their DNS servers, I don't want to deal with the hassle of
network names becoming useless every time opting out expires.
They're just counting on everyone being too stupid to even notice...
"thparkth" <andyt...@gmail.com> wrote in message
news:6af4872e-9407-4af1...@o10g2000yqa.googlegroups.com...
R Fox
> I got tired of opting out that I just switched to opendns.
>
> Eastlink can keep their DNS servers, I don't want to deal with the hassle of
> network names becoming useless every time opting out expires.
>
> They're just counting on everyone being too stupid to even notice...
>
>
> news:6af4872e-9407-4af1...@o10g2000yqa.googlegroups.com...
>
> > On Oct 13, 9:36 am, thparkth <andythes...@gmail.com> wrote:
>
> >> By the way, it turns out you can opt out of this Eastlink "feature" by
> >> clicking here:
>
> >>http://searchmanager.eastlink.ca/optout.php?brand=eastlink〈=
>
> > Opting-out seems to expire after a few days. I've had to re-do it
> > twice now. I guess Eastlink are hoping I'll change my mind.
>
> > This really is unacceptable. At the very least they should have enough
> > respect for their customers to make the opt-out permanent.
>
> > Cheers,
>
> > Andrew
Sounds like you had your DNS statically assigned. When I opted out I
noticed that DHCP passed new dns servers. I had no issues with the
opt out. I am assuming they put in a 2 step process. First some
function to opt you out immediately, until the DHCP lease time is up
and you are served the new DNS ips. I am guessing that if you snoop
the DHCP traffic you will see the new DNS Ips in the DHCP offer.
Eri Ramos Bastos
> I've opted out[1] and need to figure out who I should register a complaint
> to about this. I guess sup...@eastlink.ca??? Anyone know?
>
> [1] http://searchmanager.eastlink.ca/optout.php?brand=eastlink&lang=
>
>
I was affected by that today and just sent an email to EastLink about it.
I'm wondering if everyone on this thread has contacted EastLink yet.
_Maybe_ if enough customers complain they'll remove this.
Anyway, I'm trying to find out if Aliant and Rogers have the same stupid
policy in place as well.
Regards,
Eri Ramos Bastos
Rick Walker
"Eri Ramos Bastos" wrote:
> I was affected by that today and just sent an email to EastLink about it.
>
> I'm wondering if everyone on this thread has contacted EastLink yet.
> _Maybe_ if enough customers complain they'll remove this.
I'm with Aliant so it's pointless for me to complain. Then again, how
serious do you think Eastwick is taking that "Save Local TV" customer
response? My guess is they'll do as they please, whatever the outcome.
> Anyway, I'm trying to find out if Aliant and Rogers have the same stupid
> policy in place as well.
Never checked, but if they don't have that policy in place they've
compensated with 3 other policies just as stupid.
fusiond...@gmail.com
fusiond...@gmail.com
Mike Spencer
fusiond...@gmail.com writes:
-------------------------vvvv
> On Monday, October 12, 2009 10:23:03 PM UTC-3, thparkth wrote:
>
>> Eastlink has joined the ranks of ISPs who are breaking Internet
>> standards, screwing up their customers' applications, and creating
>> potential security holes by hijacking our DNS queries.
What new information do you have to add that's relevant today?
--
Mike Spencer Nova Scotia, Canada
IanC
They appear to be increasing in frequency of late. However, they may just appear to be more frequent as the newsgroup continues its spiral into death
Ian