Re: DNS hijacking (was Re: Is this an intrusion?)

2017-06-19 Thread Stuart Henderson
On 2017-06-19, Rui Ribeiro wrote: > Depending on how "evil" the ISP is, or how you want to obfuscate your > metadata, you might want to have a look at dnscrypt > https://blog.ipredator.se/openbsd-dnscrypt-howto.html Yes, that's an option, though it does just move your trust

Re: DNS hijacking (was Re: Is this an intrusion?)

2017-06-19 Thread Rui Ribeiro
Hi, Depending on how "evil" the ISP is, or how you want to obfuscate your metadata, you might want to have a look at dnscrypt https://blog.ipredator.se/openbsd-dnscrypt-howto.html On 18 June 2017 at 10:59, Stuart Henderson wrote: > On 2017-06-17, Paul Suh

Re: DNS hijacking (was Re: Is this an intrusion?)

2017-06-18 Thread Joe Holden
On 18/06/2017 10:59, Stuart Henderson wrote: > On 2017-06-17, Paul Suh wrote: >> Folks,=20 >> >> My understanding of the way that this is done is by returning a CNAME = >> when the ISP's DNS recursive DNS server would otherwise return a = >> NXDOMAIN result, followed by a

Re: DNS hijacking (was Re: Is this an intrusion?)

2017-06-18 Thread Stuart Henderson
On 2017-06-17, Paul Suh wrote: > Folks,=20 > > My understanding of the way that this is done is by returning a CNAME = > when the ISP's DNS recursive DNS server would otherwise return a = > NXDOMAIN result, followed by a HTTP 302 when the browser attempts to = > reach the

DNS hijacking (was Re: Is this an intrusion?)

2017-06-17 Thread Paul Suh
On Jun 16, 2017, at 9:32 PM, Joe Holden wrote: > > It is done by the VM dns servers, if you visit a domain that doesn't > exist you should be directed to the advanced search page, there *should* > be a link to disable it there, but if not login to your account and >