My ongoing battle against Comcast DNS hijacking

Forums: Internet, Dns, Cable, Whiner, Comcast
Email this Topic • Print this Page

DNS hijacking is a sleazy way for Comcast to make a few extra dollars from unsuspecting customers. Every few months I have this same damn problem.

Let's say on Firefox you type "gmail" instead of "www.gmail.com". What is supposed to happen is that the DNS server sends back a "404" which means "page not found". Firefox then can do something intelligent like saying let's try it with .com.

This "page not found" code is a feature. Your browser can then do something intelligent (which I can control). For example it can try gmail.com and then gmail.org or any other of a number of combinations until it gets back a page.

To me this is a nifty feature. It means my browser can do what I want it to do. The key to this feature working is that when there is no page at an address, it must return a "page not found" error.

Well, Comcast never returns a "page not found" error. Instead it returns a fake page that tricks your browser. The browser has no reason to believe it isn't the page you wanted. This page says "we couldn't find the page you wanted, so here are some links that we will get paid for".

This is annoying. They are getting money for taking away a feature that I find useful.

Now, if you are in the know, there is supposedly a way to opt out of this spam page. However the automated way to do this never works the first time meaning I have to spend 20 minutes on the line with their customer service people trying to explain to them what the problem is.

Yes there are solutions, including opendns etc. But the internet should just work, and it does as long as companies like Comcast don't keep screwing it up.

Topic Stats
Top Replies
Link to this Topic

Type: Discussion • Score: 2 • Views: 7,574 • Replies: 24

Sounds to me more like you've got spyware. Is it Freeze.com by chance? I recall I got rid of it - can't recall how, but it may just have been a matter of searching for something like that on my computer and deleting it.

2 Replies

@jespah,

Nope Jespah. It ain't spyware. The spam page is definitely coming from the Comcast DNS. Comcast is foisting advertising on its paying customers.

I had to call two representatives and spend about 35 minutes, but they finally got rid of the damn thing.

Quote:

The idea behind the helper service is a simple one. Despite going against what many might refer to as Internet standards, Comcast among other ISPs are producing “landing pages” for misspelled Web addresses as you hit submit in your browser. So if you type in a domain spelled like Google but mismatched something in the spelling, you will be taken to a Comcast page with advertisements on it.

Now here is where most people don’t care. To Joe Average, this is not a big deal. It’s about as scary as “Page cannot be displayed.” So the user will likely stop, then try again — this time getting the page right. For SoHo and power users on the other hand, this is an issue with the lack of NXDOMAIN when Comcast uses this type of service. Why does this matter? Well, it can create some serious complications with services like some spam filtering or VPN access where a company’s own nameservers need to be used as the public ones are failing. Sadly, in order for software to know they are failing means that NXDOMAIN must be in play. With Comcast by default, they are not

http://www.lockergnome.com/it/2009/08/10/comcast-domain-helper-service-is-not-welcomed/

1 Reply

@maxdancona,

Hmmm, interesting. I just tried inducing this error (by making up a bogus www.blahhhht.com) address, and Comcast intercepted it and actually produced a fairly helpful search result page. But the URL has to be at leas somewhat recognizable. If I completely mangle the URL, like sewe333.treal.muk all I get is a browser error saying it can't find the domain.

The comcast page I get also has a "disable this error" link on it, which I assume will let me disable the result screen. But I don't want to disable it, because what I'm seeing appears fairly useful.

I don't see any ads on the pages I'm getting.

2 Replies

@rosborne979,

How is the search result page "fairly helpful"? The top half is even called "featured links" which means "we got paid for giving you these ads". There are lots of things you could get, including a google search, which would be better.

The point is that you should be able to control what happens when you the address you type doesn't return a page. The issue is that this advertising page, whether it is "fairly helpful" or not, breaks the Internet standard behavior.

The Internet is designed to return a page not found code (i.e. 404). If Comcast returns a 404 than I can have my browser handle this however I choose. This feature is then something I control. I could choose to redirect to a google search. Or (as I prefer) I could have my browser understand my common mistakes and fix them without me even knowing it.

When Comcast intercepts your page request to send you to their advertising page, they are taking away any other option that you might choose (unless you go through this long painful process to "opt-out").

It would be interesting if you turned off this Domain Helper and see how much better your browser handles missing pages without it. I bet you will like not having this "feature". The great thing is if you don't like it, once Comcast is out of the picture, you can configure your browser to handle it however you want. Comcast is taking options away from you to give you a page that is designed to give them advertising revenue from a service that you are already paying for.

1 Reply

@rosborne979,

Let me make it clear what firefox should do (and does on my computer one the stupid Comcast thing is fixed).

1) I type "www.amazon.com" I am brought to the amazon.com website no search pane no advertisements and no extra clicks. (Even comcast gets this one right).

2) I type "amazon" (missing the ".com" part) I am brought directly to the amazon.com website. No advertisements and no extra clicks.

3) If I type "amazon.co" I am brought directly to the amazon.com website.

4) I type "able2know" I am brought directly to the able2know.org website.

5) I type "www.brahhhhts.com", I am brought to a Google search page (exactly the same as if I had typed "www.brahhhts.com" into the google search bar).

The fact is that I don't want to see a freakin' search page on any of the first 4 examples. 99% of the time I just want to go to the page I am thinking about and 99% of the time the page I want is absolutely obvious. If I want a search I will type into the search bar and the only other time I want a search is as a last resort.

But the real point is that I can configure this myself. Once Comcast stops hijacking the page not found code the behavior in each of situations is under my control. I can set it up however I like.

If you want a search page, you should be able to choose to have one (and I really doubt that if you had this choice you would choose Comcast. You use this Comcast search page because you are a somewhat captive audience.

Comcast is making it difficult for you to customize your own system because they want to sell advertisements.

0 Replies

@maxdancona,

Simplist solution is to not to used the comcast default DNS server but one that will return a 401 error and below is a utilty program that will find the fasters dns servers for your location.

I do not think this progra give 401 error handling information but trying a few and testings does not seems all that hard to do.

http://www.grc.com/dns/benchmark.htm

0 Replies

@maxdancona,

I guess I so rarely mis-type my URL's that this whole situation isn't even on my radar as something I want to spend time on. But good luck on your quest. Smile

1 Reply

@jespah,

jespah wrote:

Sounds to me more like you've got spyware. Is it Freeze.com by chance? I recall I got rid of it - can't recall how, but it may just have been a matter of searching for something like that on my computer and deleting it.

No, I've seen this with other companies as well.

If they don't find a DNS record for the address you typed in, they send back the IP address of their webserver that dishes out advertisements.

It's very annoying for me, because that address then gets cached on customer DNS servers (who use the ISP DNS server as a forwarder).

0 Replies

@rosborne979,

I like being able to type just the important part of the URL. This is why I always notice when Comcast breaks again. I don't even type "www.able2know.org", or "www.dailykos.com". I just type "able2know" or "dailykos". The internet is smart enough to figure out what I mean as long as Comcast doesn't break it.

Sure this is more of an annoyance than a disaster.

The fact that Comcast is earning advertising money by making the Internet work a little worse for their customers bugs me.

1 Reply

@maxdancona,

That's not the Internet, that's your browser.

My suggestion: Install your own DNS server on your PC to perform your recursive queries.

1 Reply

@DrewDad,

Installing a DNS server is a little overkill for me. There are alternative DNS services including opendns and Google DNS. Or I can keep fighting with Comcast to do the right thing...

1 Reply

@maxdancona,

Why the hell would you trouble yourself with fighting comcast when using another DNS server is so easy?

1 Reply

@BillRM,

I am paying Comcast for internet service. It should just work according to internet standards.

2 Replies

@maxdancona,

Quote:

I am paying Comcast for internet service. It should just work according to internet standards.

Lord a lot of things in life should not be how they are however in the schema of life this is very minor with a fast work around beside.

If you are that unhappy you can complain to the state agency that license them and or try to find another ISP that does not do the same thing.

I question if they had any obligation to follow the internet standards in every detail and most ISP do not do so in one way or another,

Some ports for example with a history of being abused are closed by most ISPs or giving pings back inside their networks and a millions and one others ways that they do not follow the standards.

0 Replies

@maxdancona,

Quote:

I am paying Comcast for internet service. It should just work according to internet standards.

1 Reply

@maxdancona,

Why don't the phone companies, when a number rings busy or there's no answer, divert the caller to a new number where they can listen to ads?

That would be so neat.

1 Reply

@JTT,

GPS companies, instead of telling you you typed in the address wrong on your GPS device, could direct you to the nearest McDonalds(tm). The revenue opportunities are endless.

1 Reply

@maxdancona,

Quote:

GPS companies, instead of telling you you typed in the address wrong on your GPS device, ...

Or an even better idea, ignore your request altogether andsend you to the place of their choosing that they think you would enjoy more than your own first choice.

0 Replies

@BillRM,

This DNS hijacking is fundamentally different from the port blocking you describe for two reasons.

1) ISPs don't directly generate revenue by blocking ports. Comcast is generating revenue by selling ads on this hijack page.

2) Blocking ports has a benefit to the user. It makes the internet more secure by countering specific threats from bots. The Comcast page generates no benefit to the user since browsers work better without the hijacking and the user has the option of a search page (even Comcast's search page) if he chooses.

Comcast is making money selling ads in a way that makes the internet experience worse for their customers.

1 Reply

My ongoing battle against Comcast DNS hijacking

Related Topics

Quick Links

My Account

able2know