[mdaemon-l] DNS Hijacking ( was Re: Does not have an MX record)

[Syafril Hermansyah]

On 28/09/19 12.16, Syafril Hermansyah (syaf...@dutaint.co.id) wrote:
> On 27/09/19 11.37, Syafril Hermansyah (syaf...@dutaint.co.id) wrote:
>> On 27/09/19 10.53, Seno H (s...@clipan.co.id) wrote:
>
>> Disamping itu hapus DNS list yang bukan milik ISP seperti 10.0.0.2
>> dan 203.137.3.110, ganti kan dengan>>
>> 203.142.84.222
>> 203.142.82.224
>> 117.102.98.253
>> 182.253.236.236
>> 182.253.236.235
>> 203.142.84.218
>
>
> Dan harus pakai IP-2x itu karena ISP biz.net.id mengharuskan demikian
> sejak September 2013 yl.
> ISP lain di Indonesia dulu juga begitu, sampai dihapus (sementara) 
> September 2017 karena sudah mulai menerapkan http transparent proxy
> dan sekarang dikenakan lagi sejak September 2019 (beberapa hari
> ybl).

Biz.net.id menerapkan DNS blocking terhadap query DNS keluar dari LAN
nya, kalau banyak ISP lain menerapkan DNS redirection (Query DNS keluar
negeri, public DNS di luar negeri, di redirect ke DNS server milik ISP)
atau blocking query DNS ke luar negeri (public DNS diluar negeri).

> Indonesia tidak sendirian lho, banyak negara/ISP lain menerapkan
> juga DNS hijacking/redirection for their own purpose but mostly for
> censorship.>
>
> https://en.wikipedia.org/wiki/DNS_hijacking
>
> ---
> Manipulation by ISPs
>
> A number of consumer ISPs such as AT&T[3], Cablevision's Optimum 
> Online,[4] CenturyLink,[5] Cox Communications, RCN,[6] Rogers,[7] 
> Charter Communications (Spectrum), Plusnet,[8] Verizon,[9]
> Sprint,[10] T-Mobile US,[11] Virgin Media,[12][13] Frontier
> Communications, Bell Sympatico,[14] T-Online,[15] Optus,[16]
> Mediacom,[17] ONO,[18] TalkTalk,[19] Bigpond
> (Telstra),[20][21][22][23] TTNET, Türksat, and Telkom Indonesia[24]
> use DNS hijacking for their own purposes, such as displaying
> advertisements[25] or collecting statistics. Dutch ISPs XS4ALL and
> Ziggo use DNS hijacking by court order: they were ordered to block
> access to The Pirate Bay and display a warning page instead.[26] 
> These practices violate the RFC standard for DNS (NXDOMAIN) 
> responses,[27] and can potentially open users to cross-site
> scripting attacks.[25]
> ----


-- 
syafril
-------
Syafril Hermansyah
MDaemon-L Moderators, MDaemon 19.5.0-64 Beta RC1
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

If you really want to do something, you'll find a way. If you don't,
you'll find an excuse.
        --  Jim Rohn



-- 
--[mdaemon-l]----------------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 19.0.3, SG 6.1.0