Comments on: Ok, *my* port 53 traffic. And maybe yours. And it’s probably Earthlink, not Comcast. http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/ Wed, 10 Jun 2009 20:04:15 +0000 http://wordpress.com/ hourly 1 By: comcastisfuckingwithyourport53traffic http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-129 comcastisfuckingwithyourport53traffic Wed, 10 Jun 2009 20:04:15 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-129 Your sincere and one hundred percent correct compliment is appreciated. Your sincere and one hundred percent correct compliment is appreciated.

]]> By: deep grewal http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-127 deep grewal Wed, 10 Jun 2009 19:12:52 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-127 This was a hilarious article. You hate Comcast like rappers from the late 80s hated the police. The language you used, in my opinion, is awesome and not overly done. This was a hilarious article. You hate Comcast like rappers from the late 80s hated the police. The language you used, in my opinion, is awesome and not overly done.

]]> By: comcastisfuckingwithyourport53traffic http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-113 comcastisfuckingwithyourport53traffic Wed, 10 Jun 2009 06:18:24 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-113 That's quite possible, but it doesn't change the fact that Comcast is the one selling me the service. Maybe you need to have a talk with those folks who are sullying your good name. That’s quite possible, but it doesn’t change the fact that Comcast is the one selling me the service. Maybe you need to have a talk with those folks who are sullying your good name.

]]> By: samrolken http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-105 samrolken Wed, 10 Jun 2009 04:42:45 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-105 I don't get any of this port 53 redirection or anything, but I can back up what you say that Comcast's dns servers for their customers are crap. I spent a long time with weird internet "outages" that were really just DNS servers being broken and host names not resolving. I wonder how much comcast pays people to support customers whose internet is broken and can't just fix their dns servers? it's so embarassing. For this and other face-palmingly sad reasons, I'm obviously no longer a comcast customer. I don’t get any of this port 53 redirection or anything, but I can back up what you say that Comcast’s dns servers for their customers are crap. I spent a long time with weird internet “outages” that were really just DNS servers being broken and host names not resolving.

I wonder how much comcast pays people to support customers whose internet is broken and can’t just fix their dns servers? it’s so embarassing. For this and other face-palmingly sad reasons, I’m obviously no longer a comcast customer.

]]> By: C. Robert Allen http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-84 C. Robert Allen Wed, 10 Jun 2009 02:46:27 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-84 I can confirm DNS is redirected from Comcast IP 76.115.5.109 in Salem, Oregon using NetCat to open a port on a server I have sitting in Seattle, Washington and verifying the port responds to a dig client sitting in Kent, Washington. The Seattle and Kent machines are not on Comcast's network. If I allow Comcast's server to resolve my request (both existant and NXDOMAIN) the result is correct. If I try to force use of a specific resolver, my request never makes it to the resolver and times out. I can confirm DNS is redirected from Comcast IP 76.115.5.109 in Salem, Oregon using NetCat to open a port on a server I have sitting in Seattle, Washington and verifying the port responds to a dig client sitting in Kent, Washington. The Seattle and Kent machines are not on Comcast’s network.

If I allow Comcast’s server to resolve my request (both existant and NXDOMAIN) the result is correct. If I try to force use of a specific resolver, my request never makes it to the resolver and times out.

]]> By: Jason http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-80 Jason Wed, 10 Jun 2009 01:44:40 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-80 Sounds like you subscribe to Earthlink's Internet service, which use Earthlink DNS servers, not Comcast service with Comcast DNS servers. Jason Comcast National Engineering & Technical Operations Sounds like you subscribe to Earthlink’s Internet service, which use Earthlink DNS servers, not Comcast service with Comcast DNS servers.

Jason
Comcast National Engineering & Technical Operations

]]> By: Anonymous Coward http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-62 Anonymous Coward Tue, 09 Jun 2009 22:39:56 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-62 I encountered this same issue when doing some work during early 2008 using a Sprint EVDO card on the Sprint network. I even tried using an alternate UDP port for DNS and yet I still received responses which clearly were not actually from my destination server. (tcpdump verified, the packets never reached the destination.) Took me quite some time to figure out what was going on. I encountered this same issue when doing some work during early 2008 using a Sprint EVDO card on the Sprint network.

I even tried using an alternate UDP port for DNS and yet I still received responses which clearly were not actually from my destination server. (tcpdump verified, the packets never reached the destination.)

Took me quite some time to figure out what was going on.

]]> By: Nobody http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-59 Nobody Tue, 09 Jun 2009 21:48:56 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-59 Interesting. The nc method is a good idea. As workaround i would use an DNS server which is not on port 53. Here i found a list of uncensored DNS servers which can also be reached via port 110: http://server.privacyfoundation.de/ You can test it with dig @85.25.251.254 -p 110 | grep SERVER dig @85.25.251.254 -p 110 +short yahoo.com And i found software for getting blacklists from DNS servers by comparing an uncensored and a censored one: http://apophis.ch/de/node/120 http://sourceforge.net/projects/censorshiptools/ Interesting. The nc method is a good idea.
As workaround i would use an DNS server which is not on port 53.
Here i found a list of uncensored DNS servers which can also be reached
via port 110:

http://server.privacyfoundation.de/

You can test it with

dig @85.25.251.254 -p 110 | grep SERVER

dig @85.25.251.254 -p 110 +short yahoo.com

And i found software for getting blacklists from DNS servers by comparing an uncensored and a censored one:

http://apophis.ch/de/node/120

http://sourceforge.net/projects/censorshiptools/

]]> By: James http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-55 James Tue, 09 Jun 2009 21:26:39 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-55 Just an FYI. It is possible to get Earthlink internet service through Comcast. My mother has this. She is billed by Comcast, but her connection is routed completely through Earthlinks' network. So while you may have Comcast internet service, its probably Earthlink doing the "mucking" with traffic. Earthlink also redirects her HTTP page not found requests to an ad site. I live about 15 miles away, but have pure Comcast. Mine do not. Just an FYI. It is possible to get Earthlink internet service through Comcast. My mother has this. She is billed by Comcast, but her connection is routed completely through Earthlinks’ network.

So while you may have Comcast internet service, its probably Earthlink doing the “mucking” with traffic.

Earthlink also redirects her HTTP page not found requests to an ad site. I live about 15 miles away, but have pure Comcast. Mine do not.

]]> By: Nathan Campbell http://comcastisfuckingwithyourport53traffic.wordpress.com/2009/06/09/no-really/#comment-53 Nathan Campbell Tue, 09 Jun 2009 21:20:39 +0000 http://comcastisfuckingwithyourport53traffic.wordpress.com/?p=3#comment-53 This may not be applicable for every comcast connection. I manage the internet for a co-op and use a computer running pf-sense as the gateway/router. The gateway is set to use open-dns as the dns server, and I can see all the reroute stats on the open-dns page. Now this could be because I have a business comcast connection and not a residential connection. I do know that the 250GB/month rule doesn't apply to business accounts since we push more than 450GB a month since we have 62 college students utilizing the connection. Maybe this dns reroute only applies to residential customers. This may not be applicable for every comcast connection. I manage the internet for a co-op and use a computer running pf-sense as the gateway/router. The gateway is set to use open-dns as the dns server, and I can see all the reroute stats on the open-dns page. Now this could be because I have a business comcast connection and not a residential connection. I do know that the 250GB/month rule doesn’t apply to business accounts since we push more than 450GB a month since we have 62 college students utilizing the connection. Maybe this dns reroute only applies to residential customers.

]]>