Comcast DNS servers returning bogus information
Drake Wilson
drake at begriffli.ch
Sun Aug 24 16:37:04 UTC 2008
Quoth Scott Bennett <bennett at cs.niu.edu>, on 2008-08-24 10:47:26 -0500:
> Aug 24 09:48:48.821 [notice] Your DNS provider has given "68.87.64.132" as an answer for 11 different invalid addresses. Apparently they are hijacking DNS failures. I'll try to correct for this by treating future occurrences of "68.87.64.132" as 'not found'.
> Aug 24 09:49:18.828 [notice] Your DNS provider tried to redirect "www.google.com" to a junk address. It has done this with 3 test addresses so far. I'm going to stop being an exit node for now, since our DNS seems so broken.
I'm not a Comcast customer, but just for the record, some Web searches
turn up similar symptoms being discussed in various places (though
beware of the Net of Fools):
http://lists.netisland.net/archives/plug/plug-2006-07/msg00105.html
http://www.twtex.com/forums/showthread.php?t=19796
http://text.broadbandreports.com/forum/r18642488-Replaced-cable-modem-but-new-one-stuck-on-Comcast-page
Summary: according to an approximate consensus of the Net of Fools,
this happens with accounts that are (possibly erroneously) considered
suspended or deactivated, or on some forms of network topology
changes, such as the MAC address being presented by the modem to the
far end changing, or possibly the MAC address being presented to the
modem changing without the modem being reset. Supposedly, the address
68.87.64.132 when accessed by HTTP from inside Comcast's customer
network yields a page that requests that you run their "activation
software" and enter your account information in order to reregister
the modem (I guess).
My first guess would be that they noticed your Tor node and tried to
disable it, then just disabled the DNS rather than everything. My
second guess would be that a MAC address changed somewhere. I don't
know whether either of these is the case, and I don't know anything
about their "activation software".
---> Drake Wilson
More information about the tor-talk
mailing list