[TriLUG] Frontier doing packet inspection?

Joseph Mack NA3T jmack at wm7d.net
Sat Dec 7 16:49:04 EST 2013


On Sat, 7 Dec 2013, Craig Cook wrote:

thanks everyone.

>> How does Frontier even know I got a "404 page not found" without doing packet inspection?
>
> Maybe something like this?
>
> http://www.ckollars.org/dns-intercepting.html
> http://breakstuffmajorly.blogspot.com/2012/11/stop-your-isp-from-intercepting-your.html

thanks. I've read these, or pages like them, in the early days.

> Or, what makes you think Frontier is not running a large proxy farm that you 
> can't see.  They make the proxy return "friendly" errors.

this is the most likely explanation. I take it there's no easy way around this?

Although I said in passing that I wasn't using Frontier's DNS servers, I didn't 
give the evidence for this.

o I'm running the dsl modem in bridge mode, so I assume it isn't rewriting 
packets

o I'm running named locally with

forwarders {4.2.2.1;4.2.2.2;};

I have a bunch of commented lines above this line showing that at one stage I 
was using OpenDNS and then Google for DNS. I didn't leave notes saying why I'm 
not using them anymore. I think I stopped using Google's DNS, because I didn't 
want them to know any more about me than they already did.

Jason said:

> That sounds great, but I don't think you can get a 404 message from a
> machine you can't actually resolve to a host.

yes. my mistake. thanks. I got some sort of "not found" error buried in a screen 
telling me what a great job Frontier had just done. With the Snowden 
revelations, it occured to me that my packets were being inspected.

I now remember that I'd just put in a bad url ;-\

Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!


More information about the TriLUG mailing list