DNS hijacking

Updated: 08/02/2020 by Computer Hope

DNS hijacking is a process where an individual redirects queries to a DNS (Domain Name System). It may be accomplished through the use of malicious software or unauthorized modification of a server. Once the individual has control of the DNS, they direct others accessing it to a similar looking web page, but it contains extra content, like advertisements. They may also direct users to pages containing malware or a third-party search engine.

ISP hijacking

DNS hijacking is also done by some Internet service providers, such as Comcast, so they can link users to their search pages when trying to visit a non-existent web page. Many claim this is to improve the users experience. However, this can also be another great source of extra revenue since they control the site and get paid off any advertisement clicks. Currently, there are no laws against an ISP doing this to its users.

How do I know if my ISP is hijacking me?

If you visit any fake or non-existent site, e.g., http://www.jasdf2xdfde3.com and it pulls up a search engine or a collection of links, your DNS is redirecting you.

How do I know if a page is non-existent?

Enter the URL into a service mentioned on the following page to test a website or web page.

How can I opt out of my ISP DNS hijack?

Although all of the ISPs allow you to opt out of their DNS redirection, many use cookies to perform this function. What this means is that you'll still be redirected, but the cookie lets the website know you do not want to view the search results.

Alternative DNS addresses

OpenDNS

DNS1: 208.67.222.222
DNS2: 208.67.220.220

DNS, DNS record, Hijack, Network terms, Pharming, Search engine, Security terms