What to do when an ISP intercepts NXDOMAIN requests

dnsgoogle-public-dns

I think my ISP is intercepting NXDOMAIN requests. For instance, I type http://foo.bar.baz.foobarbaz into my address bar, and I am redirected to http://wwwwe.web-help-service.net/search?qo=foo.bar.baz.foobarbaz&rn=ml4SKlzMtBy7nWK instead.

I have set my Primary DNS address to Google Public DNS (8.8.8.8), but am still getting forwarded.

How can I test to be sure that I am correct?

What can I do?

Best Answer

  • I assume you tested with a Web browser. Not a good idea because there are many functions in the typical browser which can interfere with the detection of a lying DNS resolver.

    You did not indicate which operating system you use. Assuming Unix, you probably have dig installed. Test:

    dig A doesnotexistatall.com
    

    should bring back a NXDOMAIN, depending on the setup of your default DNS resolver.

    dig @8.8.8.8 A doesnotexistatall.com
    

    should bring also NXDOMAIN and allow you to test if your access provider transparently redirects DNS requests (it should go to Google DNS).