benWorks

My attempt at joining the masses

Rogers does it again…Hijacking failed DNS lookups

Well Rogers has done it again.

This time they are forcing their content/ads on anyone who mistypes the URLs just to cash in on the ad revenue. They call it “Assisted Search”…I call it “Assisted Profit”! This also creates havoc while trying to access your corporate network through a VPN.

You can see a detailed explanation at Digital Home Canada.

Now there are several ways around this but all of them require some sort of manual configuration on your part.

The first option would be to use alternative DNS servers like OpenDNS. This is a fairly straight forward process but keep in mind they are ad supported as well. There is a step-by-step walkthrough on the OpenDNS site to help make the nessecary changes required to use OpenDNS. Unlike Rogers they have a simple way to disable the search suggestions on typos. Just disable the “Domain Typos” option under the advanced settings section of your OpenDNS account and OpenDNS acts like a normal DNS service. Note: If you want to use the Content Filtering option of OpenDNS you cannot disable Domain Typos.

A second option for those that are running some variant of Linux on their routers like DD-WRT or Tomato that uses DNSMasq as the DNS forwarder is to use the “bogus-nxdomain” option.  Here is an explanation of the option from the DNSMasq website:

-B, –bogus-nxdomain=<ipaddr>
Transform replies which contain the IP address given into “No such domain” replies. This is intended to counteract a devious move made by Verisign in September 2003 when they started returning the address of an advertising web page in response to queries for unregistered names, instead of the correct NXDOMAIN response. This option tells dnsmasq to fake the correct response when it sees this behaviour. As at Sept 2003 the IP address being returned by Verisign is 64.94.110.11

In DD-WRT this is a very easy task. Simply open the DD-WRT web configuration page and navigate to the “Services” tab and find the DNSMasq section.

Paste this into the “Additional DNSMasq Options” box and apply the settings. No more “assisted profit” webpages.

bogus-nxdomain=8.15.7.107
bogus-nxdomain=63.251.179.17
bogus-nxdomain=65.200.200.47

Now if you wanted to use OpenDNS in conjuntion with the bogus-nxdomain option you just change the DNSMasq options to the following:

bogus-nxdomain=208.67.222.222
bogus-nxdomain=208.67.220.220

It’s unfortunate that these measures need to be taken to ensure a pleasureable non-intrusive internet experience on a service that we pay for. I think our rates should be lowered if they are now Ad-supported.

Hope this helps someone. In the meantime I am shopping around for a new ISP.

July 21, 2008 - Posted by | Uncategorized | , , , ,

3 Comments »

  1. […] Rogers does it again…Hijacking failed DNS lookups Read the rest of the […]

    Pingback by Rogers does it again…Hijacking failed DNS lookups | AdamDicker.com | July 22, 2008 | Reply

  2. Thanks for the tip. It works great!

    Comment by mdseymour | August 23, 2008 | Reply

  3. Yes, the part for the dd-wrt worked great. No more rogers “Forced Ads”. Ive actually talked to rogers about this, even about the packet modifying they do. Its really sad. “Sir e are not modifying anything, we are simply adding an extra packet..” That’s modifying my original packet ne?

    Comment by Paul | September 8, 2008 | Reply


Leave a comment

« Previous |