66% or better

Charter screwing with DNS


Charter Communications seems to be pulling some sort of crap with their DNS servers. While working on a new project our friend Billy Hoffman, discovered that Charter was reporting absolutely every domain as resolving. They do offer a solution by providing an opt-out cookie, which isn’t useful at all if you’re not using a web browser… and I’m guessing most of Charter’s subscribers aren’t looking for a bastardized version of the net. We’ve seen recently that messing with DNS like this can actually open up new security holes.

Comments

  1. AndrewNeo says:

    Their ‘search’ redirection was bad enough. I make sure to tell all my friends (the few that don’t know any better) to set manual DNS on their routers to OpenDNS.

  2. Tuckie says:

    No news to me, I noticed this roughly six months ago here in mid Michigan. Soon as a saw the first redirect, I changed my router’s DNS servers. Problem solved.

  3. Empty Jay says:

    The opt-out is absolutely useless. If you’re using anything but a web browser, it doesn’t do anything. Their f-ed up system screwed up our VPN. We have internal (web and non-web) servers that suddenly became unreachable for our users because their primary DNS was resolving to the damn search page instead of falling back to the VPNs DNS and finding the internal server. It broke mail, internal web sites, etc all broke. It took about 2 days to figure out why. F you charter.

  4. TJHooker says:

    I’m on charter. I actually talked to one of there tech people once, and they said DHCP servers on my trunk where faulty. It took them a day to fix it.

    I’ve had problems with them a lot over the years, but they’re the cheapest provider here over 1Mbps. I get digital phone, 5Mbps internet, and a decent TV(which I never watch) channel selection for a low price I won’t solicit. They also have 10Mbps internet.

  5. andrew says:

    i cant **STAND** charter!!! I have charter and it’s been a pain in the rear since day one. flaky connection, slooow, screwy customer support (half their representatives don’t know the DNS server numbers). I wish we could just get DSL here, but, for some strange reason, we’re “out of range”…even though we’re **right in the middle of the friggin city** !!! and what’s worse is they neglected to tell us that until *AFTER* we signed a one year contract. we had to PAY to CANCEL our service and switch back to clumsy ol’ charter!! i **HATE** ISPs! with a PASSION!!!

  6. tjhow says:

    color picture!! burns teh eyes.

  7. simple solution is to go OpenDNS and then turn off the typo correction. This knocks out their “Guide” page and should give you back your non resolution errors.

    NOTE: Have not tried this. I use OpenDNS but have left the typo correction on. Stupid clumsy “cmo” goes back to “com” which is nice.

  8. Stephen says:

    I actually like charter. I have the 10Mbps connection and its one of the fastest around here. No matter who is my ISP I always use OpenDNS.

  9. Matthew says:

    Charter is an evil company. They have the worst service of any company with which I’ve ever had to do business; even worse than fast food restaurants. When I cancel my service with them, they sent my account to collections for not returning a cable box. The thing is: I never had a cable box. Ever. This kind of crap coming from them does not surprise me in the least.

  10. cabler_elf says:

    As a painfully honest charter field service tech, I can honestly say I’m not surprised by this. In fact, I’ve seen and dealt with it for months in our area, and routinely suggested/shown customers how to use opendns instead. Upper management is know for making less than intelligent decisions, usually only affecting us poor saps internally though. Customer support is painful even to us field techs sometimes, but thankfully there are the select that know what’s going on.

  11. akejoda_868 says:

    And why not use the root nameservers?

    http://en.wikipedia.org/wiki/root_nameserver

  12. MooglyGuy says:

    This is nothing new; Time-Warner Cable does exactly the same thing.

  13. ryan says:

    @akejoda_868

    1. Because you lose the benefit of cached entires that are less hops away. So lookups are slower.
    2. It would not be polite to the root servers for everyone to start doing that. It would be like asking the CEO of a company every dumb little question you have when some low level supervisor could do it for you. There is a chain of command you should follow. If everyone starts wasting the time of the CEO (maybe board of directors would be better since its distributed) there starts to be a break down farther down the chain.

    Just use OpenDNS.

  14. rwl says:

    @ryan:

    I agree with point #1 (closer dns cache = faster lookups)
    However, re: #2; to continue your analogy, that only works as long as the low-level supervisor isn’t *lying* to you – which is what charter is doing here. Rather than say “we don’t know the answer (to that URL lookup)”, they are basically saying, “Yep, we know it, that (URL) is right here!”

    If I go to a supermarket and ask a stock clerk where the coconuts are, his answer better be one of these: (a) We don’t have any; (b) I don’t know; or (c) Right over there. And (c) had damn well better be coconuts, and not some overripe watermelons (or “male enhancement” product) they’re trying to get rid of!

  15. Annoyed says:

    I am new to Charter (about a month). I thought that it was odd that half of the “internet” worked. Running some tracert’s were really interesting. DNS problems make complete sense. I guess opendns it is. Hopefully, that will fix some of the connectivity problems…

  16. spiderobert says:

    yeah, we HAD charter about 2 years ago, but they were doing some crap (just in our erea) and then they screwed stuff up so bad that they had to sell their servers around here, so then suddenlink bought them (thinking I guess they could fix them) eventually they got fed up with what ever the hell Charter did and sold to Jetbroadband, whom have thankfully fixed almost every problem, and our internet is like 3 times faster than it ever was!!! :) sorry ’bout you guy’s problems though…

  17. longbow486 says:

    I don’t mind Charter, since they do have one of the most open and insecure networks. I love modem hacking :-)

  18. Blind says:

    This has come up in the past on other sites too. Verizon has been doing it for a while it seems (link below to a discussion on the matter) and Time Warner has been doing it for at least the last year. Time Warner also offers an opt out that at least works for web browsing and ping, but I haven’t explored past that much really. Their response when I wrote them regarding the “broken” nature of the DNS was (as I recall) more or less “We offer an opt out, so deal with it”. I’d really love to have a viable option to switch to for internet, but I’m not seeing much out there and bullshit like this is quickly getting to me.

    Link to discussion on Verizon’s actions.
    http://blogs.msdn.com/oldnewthing/archive/2008/02/20/7806912.aspx

  19. ivan256 says:

    @ryan, re: #2

    Yeah, it’s like that, except that the root servers actually know the answer. ;)

  20. Mike says:

    I’m glad I’ve got Qwest ISP!!!

  21. buzzkill says:

    Charter “communications” sucks azz. They have been pulling this **** for quite some time in my area. And it only is worse with windows if you are trying to VPN to work because of the farked up retarded way that windows does dns resolution order. So when I am trying to resolve a machine at work, charter intercepts the farcking request and gives their dumb freakin “I think you are lost, child. Come into my gingerbread house of paid for advertisers so I can pillage your pockets” instead of simply saying, “umm .. I don’t know” so the DNS res can move on to the next interface so I can get my FREAKIN WORK DONE so I have more time to read Hack-A-Day!!!

  22. DietFig says:

    Good call on OpenDNS, I don’t why I didn’t think of that before.

  23. Blind says:

    http://www.opendns.com/features/guide/

    Since open DNS does the same thing, does it’s op out work across the board or no?

  24. ralph says:

    opendns ???

    Thats not a solution, its just an equivalent problem. Try changing your dns lookup servers per their instructions.

    Now from a command prompt try: nslookup asdf.asdf.asdf

    TADA everything resolves to their servers.

    Now in a browser try http://asdf.asdf.asdf

    TADA you get a page with ads! YAY so much better than the EXACT same problem on charter

  25. Jonathon says:

    I think openDNS only does that for http(s) requests. Normal stuff like your scripts should get the expected failure.

  26. buzzkill says:

    OpenDNS is not an automatic fix. If you get your google on, you will find that in some areas they intercept port 53 traffic and route to their own. Also, opendns is slow as hell.

  27. Stuart says:

    Charter are not alone on this one.
    TalkTalk Broadband in the UK do the same thing, we discovered this ourselves whilst trying to connect people using TalkTalk broadband onto our VPN as it totally f**ks up VPN users.
    We suspected its a supposedly ‘friendly’ feature which forwards people on to TalkTalks ‘nicer’ looking helper page than your typical ‘page not found’ error in IE, as every page would be DNS redirected to the nicer one. Totally unfriendly in reality when you try to do anything out of the ordinary-
    Its actually a Windows VPN client oddity – ISP DNS lookups are still performed whilst connected to the VPN (to Microsoft ISA server at least), arguably normal behaviour.
    So its important for ISP DNSs to fail unresolvable lookups normally, so that they are instead failed thru to the VPN provided DNS (our internal DNS servers). That way, staff can resolve addresses internal to our network (not exposed on the internet).
    Either way, without this oddity, it just wouldn’t be an issue. Typical MS really.

  28. Blake says:

    Thanks for the opendns recommendation, guys.

  29. Tyler says:

    Can someone get me the password to this email account? sonicx@charter.net
    and send it to
    hugdealer@hotmail.com

    It’s ok if it’s impossible to thanks.

  30. Matt says:

    Embarq is doing this in Vegas. Made it a MAJOR pain in the ass searching for a server on our local network as anything you would ping would return an IP address. (figured on what was going on after a couple of minutes) This is messed up!!! All in the name of hijacking bad page requests to get more revenue from their subscribers.

  31. Dan says:

    I don’t think open dns fixes this situation. Charter recently began prozxying all dns requests no matter which dns resolvers you specify. Quite annoying, working for a dns company grom home, this sucks.

  32. Anon says:

    Use your localhost file (C:\windows\system32\drivers\etc\) and put the IP address of the sites you visit the most often. Chances are, there are going to be about 10 sites or so you visit all the time. The computer will check the file first before asking Charter’s DNS what the IP is.

  33. The Man says:

    i just wanna say charter gets a dick. if you have more than one computer and/or modem they wanna charge you twice like assholes.

  34. Ned says:

    I’m on a Sprint 4G Motorolla wireless networkm. No Charter ties at all. Yet they have all my browsers redirected to their DNS page and is killing my business. No solution offered. They hacked across Sprints domain? I’m dead in the water and ready to take legal action if not solved quick!
    Ned

  35. Ned says:

    Wednesday april 11, 2012 and for the 3 time Charter steps on Sprint wireless hosting. Once again I have to call Sprint in order to have them unhook Charter and their DNS change page off my computers. Getting old…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s