On 2014-07-24 18:56, jdebert wrote:
On Fri, 25 Jul 2014 03:30:19 +0200
Karsten Bräckelmann <guent...@rudersport.de> wrote:
On Thu, 2014-07-24 at 17:32 -0700, jdebert wrote:
Sprint, which I use for net access is hijacking DNS.
What exactly do you mean hijacking? Routing NXDOMAIN to some sort of
advertising web-server? Or serious packet-sniffing tampering with
*any* DNS query crossing their hardware?
Yes. Also disabling dnssec, not responding to certain queries and
modifying responses and queries.
They like to call it "transparent DNS proxying". But it's not
proxying and obviously not transparent.
If they're actually tampering with DNS requests made to other DNS
servers, I'd give some serious thought to dropping them completely.
If that's not an option, perhaps a $5 VPS at a network location that's
reasonably near yourself, and then forwarding your own resolver to that
resolver over port other than 53.
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
