What to do when an ISP intercepts NXDOMAIN requests?

What to do when an ISP intercepts NXDOMAIN requests? I think my ISP is intercepting NXDOMAIN requests. For instance, I type http://foo.bar.baz.foobarbaz into my address bar, and I am redirected to http://wwwwe.web-help-service.net/search?qo=foo.bar.baz.foobarbaz&rn=ml4SKlzMtBy7nWK instead.
Asked by: Guest \| Views: 296

Total answers/comments: 2

Comments display order:

Guest [Entry]

"I assume you tested with a Web browser. Not a good idea because there are many functions in the typical browser which can interfere with the detection of a lying DNS resolver.

You did not indicate which operating system you use. Assuming Unix, you probably have dig installed. Test:

dig A doesnotexistatall.com

should bring back a NXDOMAIN, depending on the setup of your default DNS resolver.

dig @8.8.8.8 A doesnotexistatall.com

should bring also NXDOMAIN and allow you to test if your access provider transparently redirects DNS requests (it should go to Google DNS)."

Guest [Entry]

"When I encountered issues with this, I setup Bind to run locally within my home network. A nice feature of this it allowed me to have an authoritative server for all my internal IP addresses that doesn't require that I update /etc/hosts files on all my systems. Another benefit is having a caching DNS server within my home network.

I setup the main TLDs to be ""type delegation-only"" to avoid the DNS hijacking.

Link explaining the ISC Bind feature - www.iscdotorg/node/355"