Re: Earthlink Contact - DNS cache poisoning

[Will Dean]

On Sep 24, 2011, at 9:07 PM, Christopher Morrow wrote:

 On Sat, Sep 24, 2011 at 8:51 PM, Jimmy Hess mysi...@gmail.com wrote:
 I think actually.. earthlink uses barefruit? (or they did when ...
 kaminsky was off doing his destruction of the dns liars gangs...)
 Maybe the same backend is used though for the advertizer side?
 (barefruit provides the appliance, some third-party is the
 advertiser/website-host... same for paxfire?)
 

Barefruit was just for returning a search engine result for a NXDOMAIN response.

It appears Earthlink is now using Paxfire to sniff and proxy a users traffic to 
at least one popular website. Besides the obvious privacy implications, it 
introduces a nice captcha on Google.

- Will

Re: Earthlink Contact - DNS cache poisoning

[Christopher Morrow]

On Sat, Sep 24, 2011 at 9:21 PM, Will Dean w...@willscorner.net wrote:

 On Sep 24, 2011, at 9:07 PM, Christopher Morrow wrote:

 On Sat, Sep 24, 2011 at 8:51 PM, Jimmy Hess mysi...@gmail.com wrote:
 I think actually.. earthlink uses barefruit? (or they did when ...
 kaminsky was off doing his destruction of the dns liars gangs...)
 Maybe the same backend is used though for the advertizer side?
 (barefruit provides the appliance, some third-party is the
 advertiser/website-host... same for paxfire?)


 Barefruit was just for returning a search engine result for a NXDOMAIN 
 response.

ah, paxfire does the same...


 It appears Earthlink is now using Paxfire to sniff and proxy a users traffic 
 to at least one popular website. Besides the obvious privacy implications, it 
 introduces a nice captcha on Google.

hrm, they could simply use the appliances to answer: www.google.com
- jomax.net-ns-answer which is a frontend simply 30[24]'ing off to
the jomax-esque site... Oh, you get the captcha though via earthlink?
that sucks :(

-chris