On 18/06/2017 10:59, Stuart Henderson wrote: > On 2017-06-17, Paul Suh <[email protected]> wrote: >> Folks,=20 >> >> My understanding of the way that this is done is by returning a CNAME = >> when the ISP's DNS recursive DNS server would otherwise return a = >> NXDOMAIN result, followed by a HTTP 302 when the browser attempts to = >> reach the host via the bogus CNAME.=20 >> >> My question is would running my own internal recursive DNS resolver be = >> sufficient to stop this from happening? (I run my own DNS server anyway, = >> but I'm curious to see whether it would be sufficient to bypass the = >> search page redirection stupidity.)=20 > > Usually that's enough, but it depends how evil the ISP is. >
Should give them a call and have it turned off anyway really...
