NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] HughesNet apparently diverting DNS UDP data

Greetings.  Early test results via the NNSquad test DNS zone are
strongly suggesting that HughesNet is intercepting and diverting
ordinary (UDP) DNS queries at the port 53 level.  AXFR (TCP) queries
do not appear to be similarly affected at this time.

Dig tests set to the dns-test.nnsquad.org DNS server, which should
have returned correct ip addresses, are instead returning (see dig
listing below) an ip address (e.g. associated with
Paxfire, Inc. ( http://paxfire.com/ ):

   "The Paxfire Look-up Service enables a network operator who runs
    his own DNS to generate significant revenue/profits from
    searches conducted by end-users on his network.  Today a network
    operator gets absolutely nothing for these searches.  Paxfire
    can change all that for you today."

Also note below that the dig results claim to have come from the correct
dns-test.nnsquad.org server ip address:


But this is untrue.  The returned host A record is falsified and not the 
correct record held by this server.

The associated "No such domain" DNS diversions lead to Yahoo Search
pages such as:


For Web browsing it is reportedly possible to opt-out of this
diversion to the Yahoo search page by maintaining a cookie (which of
course must be re-established on all associated Web browers whenever
cookies are cleared).  No opt-out appears possible for non-http
services.  It also seems likely that the cookie only prevents the
transfer to the Yahoo search page and probably doesn't affect the
underlying DNS UDP lookup diversion, but this has not been demonstrated
definitively at this time.

Dig test results follow from a representative HughesNet client system.
This is all based on the best information to this point -- additional
data and info will be reported as appropriate.

NNSquad Moderator

 - - -

$ dig @dns-test.nnsquad.org smart.control.hq
 ; <<>> DiG 9.4.1-P1 <<>> @dns-test.nnsquad.org smart.control.hq
 ; (1 server found)
 ;; global options:  printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9855
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
 ;smart.control.hq.              IN      A
 smart.control.hq.       60      IN      A <<- BUZZ! WRONG!
 ;; Query time: 866 msec
 ;; WHEN: Sun Mar 16 12:30:56 2008
 ;; MSG SIZE  rcvd: 50