back to article When ISPs hijack your rights to NXDOMAIN

Virgin Media's UK customers are about to experience a wonderful new service that intercepts unresolvable DNS requests and redirects the user to a page full of ads and search results. It's becoming a frequent trick that ISPs are pulling on their customers, as non-technical executives who could even put the airline industry to …


This topic is closed for new posts.
  1. Yes Me Silver badge
    Paris Hilton

    Unalienable misrepresentation

    "You see, a free people enjoy certain unalienable rights: life, liberty, and honest NXDOMAIN responses." Oh come on! This is nothing to do with so-called net neutrality. It's to do with

    a) interoperability, which is why we have standards and ISPs need to follow them

    b) an engineering principle called "the law of least astonishment"

    c) our inability to predict the future.

    The first two points shouldn't need explanation. The third one goes: who knows what use will be made of standard (non-existent domain) response codes in some future technical standard? For example, not getting an IPv4 address might cause you to go look for an

    IPv6 address, or the opposite, according to where in the world you happen to live. It's just short-sighted of any ISP to break technical standards in this way.

    Paris, because she tends to take the short view too...

  2. Anonymous Coward

    Fail and who?

    >>And for entertainment, there's probably no finer ISP that Virgin Media. ®


  3. steve0000

    I know it's hard for startup puppies to remember

    there's a whole rest of the internet out there, champ. port 80 isn't the only one that people look for domains on -- and an opt-out system based on browser cookies doesn't really cut it.

    yammer about "frustration barriers" all you want, but the web is basically the only internet protocol that even pretends to give a crap about letting idiots use it. the rest of us are trying to get work done, and we'd appreciate it if ISPs would stop fucking us.

    also: please stop defending them when they fuck us. thanks.

  4. Steve Lubman
    Thumb Down


    The only whining I see is that of the author.

    Breaking standards to make a few bucks is OK because it only impacts a few?

    Did one of the guys from Phorm write this article? Seems like the same logic. And most people aren't worried about their privacy.... Just whiners, right?


  5. Tom 35
    Thumb Down

    If the results are relevant ...

    "If the results are relevant"

    A big IF, from what I've seen.

    This is just as bad as people who register misspelled domain names and stick a bunch of ads on the page. They are ads! You only get ads if someone is paying for them, so if the site you are looking for is not running ads (on the right ad network) you will not see what you are looking for.

    What if the site is down? Is a bunch of ads going to help you more then an error message? You still can't get to the site.

    You know what happens if you type "google.cmo" with openDNS? You get redirected to (same for any other obvious typo). That is making the web work better.

  6. Kevin (Just Kevin)

    There's two kinds of DNS requests

    Maybe they should extend the DNS so that you can query A records as either A or AW (W=web). That way, the web browsers of the world can be patched to query AW records, the DNS servers still treat it as an A query but can return their fancy advertising pages for NXDOMAINs.

    BUT if an application searches for an A record, it gets back what it asked for or an NXDOMAIN. It works for everybody since hijacking domains from non-browsers serves no purpose.

    The internets and the interwebs are different things but even the ISPs, custodians of these things, don't always get that.

  7. Anonymous Coward
    Dead Vulture

    Oh fuck off...

    All your points are correct, except for the general gist of the argument, which is that no one understands, therefor no one should care.

    That is utter bullocks, because when users in my corporation start having weird VPN issues while in the field, because some ISP decided to play silly buggers with their DNS, it comes back to us to support. In this case your damned right that the users don't understand, but they sure will care when they can't VPN in and email their quarterly report!

    And as far as opting out... how can an application developer tell his users they have to opt out of their ISPs proprietary mechanism? And how can the user, when in a hotel for a night "opt out" of their DNS? The internet needs standards to survive, and your readers are the ones that try to keep the damned thing together.

    Ted, your only flaw is that you think your readership shares your apathy.

  8. Jeremy 2


    Isn't their ad-laden 'host not found' page opt-in? I certainly didn't have to opt-out of it and I don't see no ads.

    And hell, what's the difference if Virgin hijack the no such domain response anyway? 9 times out of 10 a mistyped domain *does* exist with some scum bag typo squatter creaming some cash off it (e.g. I'd rather Virgin made a few pence from the mistyped URL than the scum bag.

  9. Anonymous Coward
    Anonymous Coward

    It's already being done in Asia

    So, not exactly new. I've got that with China Unicom, and I've had it in Malaysia as well in several hotels.

    Of course, in the article's author world, everybody speaks English. Me living in another one, I can say that it's a pain to be presented with a page in Chinese. But hey, if I understand the author's drift correctly, if you're not part of an overwhelming majority, there's nothing to complain about. Actually, ISPs could make 70% of their users happy, and that would be fine. Or 80. or 51. Where's the treshold exactly?

    Now, here, if I mistype "google.cmo", here's the very relevant first result. Not.

    传一拍网前老总王怀南任Google亚洲CMO _ 中国人力资源开发网 _ ... ... 24K 2005-11-28 - 百度快照

    It's Baidu providing the answer. And they don't care about net neutrality either: they won't give a result linking to their competitor. So, I don't see how the user will be happy about that?

    More technically, for the geeks amongst us: it's not only "google.cmo" they redirect. They also do it for "localhost". And yes, I've seen buggy applications trying to connect to the ISP instead of, which is really unsettling.

  10. Mark 65

    Truth is

    This should be opt-in not opt-out but nobody would bother and they'd make fuck all so the choice is reversed.

    As for OpenDNS Ted, unlike you, they serve a purpose. A service that's configurable and free unlike whatever some twat at an ISP decides everyone should be getting.

  11. Lou Gosselin

    This is extremely annoying.

    Cablevision/Optimum Online started to do this recently. Hijacking DNS links whether they are top level OR subdomains.

    I type in, and my ISP shows it's ads.

    Being technologically inclined, I can block my ISP's DNS servers on my personal pipe (since they haven't yet blocked external DNS), but it's annoying that they are displaying ads on my domain to others.

    Let's not forget that DNS affects more than just HTTP..

    One not so subtle interruption is, since many systems are setup to resolve names using DNS first, connecting to local machines will cease to work using Netbios/SMB name. I used to be able to type "\\Server\Share", but that stopped working with the ISP's ad server taking over.

  12. Iggle Piggle

    If they mimiced OpenDNS...

    ...and offered some protection from phishers and porn then perhaps this would be a nice default situation. However if all they do is convert www.theregister to them there is nothing in this for the customer and opting out is the only sensible route (assuming that remains an option).

    I have set up OpenDNS for my in-laws and my parents and myself. In most cases it was as easy as going to the router and setting the DNS server to that of OpenDNS. However BT have a funny idea that trying to change the default DNS server is something that only scammers would want to do and so they do not allow it. This forced me to change it in the computer which is not my ideal solution and actually just as possible for the scammers.

  13. Anonymous Coward
    Anonymous Coward

    Brilliant article

    It will only be suprerceded by the comments which I'm going to follow to have a laugh at all the smart arse holier than thou uber geeks who will no doubt spout forth on how it doesn't affect them because they have adblock, noscript or whatever. I'm sure we'll see one from a Mac/Linux user who thinks it's just a windows issue. Reality is they don't have enough of a brain to simply ignore unwanted advertising and just get on with life.

    Due to moderator lag by the time this gets through I'm sure there'll already be a number of such comments.

  14. lyngvi

    it's not the browsers, it's the DNS

    The issue is *not* with browsers pulling ads out of the void. The problem is that people should be able to, and do, rely on NXDOMAIN. It can make determining the causes of network failures *much* easier. And of course there are already the stories of database corruption based on loading bad data from domains that previously bailed with nx.

    Oh, and while they're at it, are they spoofing an SPF record too? Spammers would be very interested in this - you could wipe out SPF with a few careless strokes, though the big mail providers would likely find a way to opt out. I'd be curious to hear what someone's results are for a TXT record on a fake domain. Verizon is still honoring NXDOMAIN for me.

    But hey, I'd gladly write you a browser plugin that not only would replace nxdomain, but would also replace all HTTP 4*, 5*, 3*, and hell, even 2* error codes with ad search pages. I mean, who cares about all those pesky error codes? HTTP, DNS, what's the difference, right?

  15. Anonymous Coward

    After reading this insane rant against some antagonist I'm not sure exists...

    I feel much saner... all of the sudden.

    Why are both sides of an argument, that matters to almost no one, done with such exaggerated anger? Yet the issue, when explained properly, seems to show that it is a non issue, due to the fact it is too late to do anything about it, one way or another. Net neutrality has never actually existed, and if it did, it was only because the men (and women, in case there were any there at the time, just to be P.C.) who ran the companies that actually own the net were too old to know how to properly exploit its potential to make them more money while giving customers what they want, and that everyone who used the net took this as a conscious act of leaving them alone (which I'm not sure anyone really ever thought, since no one really thought about it).

    Noticing the lack of neutrality is like noticing the sun is up during the day. The lack of there ever truly having been a neutral net makes defining what net neutrality is very difficult, or just wishful thinking, like wanting unicorns to be real again. Instead approaching the issue with the "There's never going to be any goddamn unicorns again you unitards" attitude, sometimes having to repeat oneself using logic and reason will eventually teach the uninformed the truth. Especially in a situation where every month there's a new wave of newbies to the topic, who instead of hearing rational argument, hear people shouting at them that they're stupid the first time they say something that is inaccurate, or even before they have the chance to even learn about it. Who likes going into a room only to immediately have someone point at them and tell them it's people like you who make me so frustrated. The ONLY reason anyone believes the net "should be neutral" is because it sounds good, like having a sunny day every day. But rain can be beneficial too, when it comes to the entire economy that is the internet.

    Sometimes simplifying things too much leaves everyone outside of the informed argument that it should be, and creates opposition where there should be none. And since there's a new misinformed person every day, judging by the crazed frustration of the anti-conspiracy-nut-nuts, the job should be left to those with more patience and the willingness to just repeat the facts and teach the history, and not to those who have obviously run out of the patience needed to help inform those that need it.

    There are no businesses that are neutral, as they all, at the very least, need to try to keep themselves in business, even at the cost of changing how they do business. And that is as neutral as it can ever be because it is also a part of human nature, so while it can be tempered, it will always be this way. The real problem the neutrality topic fails to address, or is avoiding, is that businesses can be very antagonistic towards their customers, usually unintentionally, or because the business has been taken over by complete assholes who hate everyone who isn't like them, which is pretty much everyone. But to throw into it the replacement of an error message with adds, while a little late anyway as all the ISP's where I have lived the last 2 years have been doing this already, is like comparing hunting with genocide. I honestly have yet to see the ISP's get into this neutrality debate in any serious way, so it seems to be mostly average people who are making all the fuss, or it may even be just the fringe loudmouths who believe what they say should be heard by everyone whether they want to or not, like the TV news channels seem to be nowadays. But I realize, pausing to think is very difficult for the modern person, and it's easier to pick sides in a fight that isn't real.

    Of course, if the article is an example of how crazy a small issue can become when it is blown out of any reality based proportion, I missed the punchline, and the sarcasm, and deeply apologize.

  16. James 129
    Thumb Down

    It can be disabled at least.

    You can disable this 'feature' if you're on Virgin Media... just go to this website: and click No.

    They hid that link pretty deep!

  17. Dave Bell

    Is this guy for real?

    I know it can be difficult to judge humour, but this guy won the class prize for missing the point at the Imperial Stormtrooper Marksmanship Academy.

    Virgin Media are doing a lot of stuff to customers without telling them. For a friend, the breaking point was blocking telephone access to mobile phones. Including her husband's. Since, for light use, a mobile phone can be cheaper than paying line rental...

    And are all these adverts being ciunted against any bandwidth limits?

  18. John Square

    @ Yes Me

    "who knows what use will be made of standard (non-existent domain) response codes in some future technical standard?"

    Hmmm. I'll give you the first two, but the third isn't a great reason not to offer a page of possibly relevant ads instead of a browser error.

    One of the reasons I like Ted is that he's man enough not to begrudge someone making a buck. The ISPs need income from somewhere, especially if you/me/we are going to continue to get uncapped ADSL at less £ than a point to point. And is this service that will make life a little easier for the person who needs a bit of help with the internet anyway (and that guy is the kind of user who probably subsidises yours and mine heavy internet usage). Having said that, I have a large hangover today, and thus am probably wrong.

    "It's one of the many tumors that is slowly killing real liberty: the belief that if you whine about something enough and call it a right, the government will do something, and when they don't, you whine even louder, at which point the general public stops caring about your cause because Global Warming is starring in its very own movie, and dammit, nobody out-whines Al Gore."

    Yeah. I like that.

  19. RegReaderInLancs

    Verisign sitefinder again?

    I remember when Verisign tried to pull this trick a while back and got shot down in flames for it.

    Also, the ISC released the delegation-only patch for BIND in order to neuter sitefinder.

    Boy am I glad I don't use NTL/Virgin/whatever-their-name-is-today for DNS, preferring to run a caching nameserver (in delegation-only mode!) on my own network, which also allows me to NXDOMAIN various domains notorious for hosting ads...

  20. jake Silver badge


    I make it a point when writing contracts to allow me to drop packets on the floor from IP addresses that don't follow the RFCs, when I see a need to drop those packets.

    This is one of those cases. And has been, for about a dozen years.

    Do try to keep up, Ted. Or don't, as you see fit. I won't be reading you anymore, regardless.

  21. Neil Barnes Silver badge

    Ah yes, but...

    Recall that this is one of the ISPs who are apparently congenitally incapable of supplying what the customer is paying for.

    If they can't supply the 20mb/s service advertised all day every day, without odd little excursions into 'fair use' territory and rate limiting, why would I expect them to provide a clean domain resolution service? The correct approach to an unrecognised request is to flag it, not start making assumptions about what the requester really wanted. And surely, are not mass-dumped adverts normally known as 'spam', something expressly forbidden to the ISP's users? But of course, Virgin know best. Obviously these are adverts I *want*, right?

    I don't pay for cable or satellite TV and won't unless and until they decide I can have a completely advert-free stream. Looks like it might be time to start thinking the same about ISPs...

    And on a side note - Charlie Stross (hi Charlie, been a while!) has an interesting discussion regarding web-page inflation here: - it's a year old, but I can only assume it's got worse since then.

  22. Anonymous Coward

    Missing the point

    The Internet works, and works well given its size, in part because of simple, well understood standards. Any ISP that breaks those standards is pissing in its own well.

    Another factor behind the functioning of the Internet is the large army of admins who spend their time tracing & fixing real problems and really don't need bright ideas from some marketing twerp interfering with core services like DNS.

    @Yes Me... I have to disagree... this is precisely about net neutrality. The network should not interfere with a users traffic (even things like security/malware/spam should be left to the endpoints). To do so pre-judges what a user may want to do.

  23. Law
    Black Helicopters

    I did wonder...

    .... last night I got a VM page for a mistyped URL - was mighty annoyed by the whole affair, I just retyped rather than them getting a click-through, I would have thought they could have warned me about this new "feature" of theirs before implementing it.

    Now I know it's optional, I'm gonna go looking this evening for the option - unless anybody wants to give me the answer (other than dropping cable broadband ofcourse - I can have 20mb cable with a crappy company, or a max of 2mb adsl with few crappy companies).

    I guess it could have been worse - they may have been tempted not to plaster Virgin Media all over the page, and therefore I'd just think it was an updated dns error page from Safari/Firefox/IE or something.

  24. Wayland Sothcott 1

    Global Warming star of it's own movie

    A very witty peice. However the world is not controlled by the many, it's controlled by the few. So yes most people don't care about net neutrality and what is returned from a miss-keyed domain name, but it is still important. Their may be millions of people who know how to create a website, but their are billions who simply look at them.

    When you think about all the stunts that an ISP could pull, then DNS error re-direction is pretty mild. As techies we should care and we should make a fuss, for the sake of the Internet the way we like it and for the sakes of all those billions of people who don't know why they should care. We are the few...

  25. Lionel Baden
    Thumb Up

    oh well i lol'ed

    never liked virgin media anyway :)

    nice article though

  26. Anonymous Coward
    Thumb Down

    Yet another reason...

    ...that I'm glad I left Virgin Media for BE. Advertising isn't something I'm fond of. Life is so much more peaceful when you aren't being told what to want next. I don't watch live TV, I don't listen to commercial radio, I use ABP on Firefox (sorry Reg), and I don't take kindly to advertisements sneaking into my error messages.

    Imagine... "Windows Media Player has stopped responding. Click here for fantastic Windows Media Player ringtones on your mobile. Interested in Windows Media Player? Everything you need to know is here. Enlarge your Windows Media Player and maker her squeal with delight!"

    It's only one step away.

  27. A. Lewis
    Thumb Down

    More pointless, rambling bile from Mr Dziuba

    Why do you chaps at vulture central continue to give this stuff screen space?

  28. Ben Tasker

    Didn't Tiscali try this?

    IIRC Tiscali tried this a while back, and were eventually forced to back down. At least that's the way I remember it!

    Why should an ISP have a right to fiddle with DNS requests, just to make a few pence? If the user is too plain stupid to work out that they got an error because they typed google.cmo then their ownership of a PC is probably a danger to everyone else.

    Standards exist for a reason, and no ISP should piss around with them. OpenDNS doing it is one thing, after all you sign up to the service knowing they do it, but for an ISP to change the way they operate?

    And what's going to happen when Joe Average starts typing Google into his address bar, and gets a drop down list of every google related typo he's made recently?

    As Ted mentioned, it has an effect on software that relies on DNS fidelity, why should users have to put up with the fault, and why should developers have to find a workaround to cope with an ISP who's not complying with standards?

    Not that any of this is too big a surprise, Vermin Media were looking at Phorm, so the changing of a few DNS replies probably isn't that big a deal to them.

  29. Anonymous Coward
    Thumb Down

    Heavy Going

    Now I've been wondering this for a while, and maybe we can clear it up now: do you dictate your articles Ted? I'm sure it sounds great as a speech but trying to read it is very hard going. Maybe it's just me but I have to re-read some of the sentences several times to work out what you're trying to say.

    That said you make some interesting points. You missed the one about standards though.

  30. Witty username


    this`ll be fun for users that have had browser hijackers before...

  31. Anon

    Founding alchies?

    "Thomas Jefferson was a touch pissed when he penned the Declaration of Independence."

    You know that in English that means a touch drunk, don't you?

  32. David 110

    NXDomain redirecting and Sky

    Interesting timing on this article!

    I've just spent 2 weeks trying to fix a collegues laptop as he was unable to correctly resolve our internal IP address when connected remotely via VPN.

    I eneded up wiping his machine down and rebuilding it hoping it would clear the problem. After this failed to sort it, i realised that the issue was his ISP - specifically Sky - which were hijacking his DNS lookup and thus causing the problems above. The number of hours and thus money that have been wasted sorting this.

    He's yet to start the pain of trying to contact sky to get them opt him out of this redirect 'service'. I can only begin to imagine the hours it will take and various calls to delhi to try and get that done. Poor guy.

  33. Graham Marsden

    Err, what...?

    This started off as looking like an interesting piece on the way that ISPs are trying to take over our browsing (how big a step is it from a mis-typed URL going to a page full of ads to a legitimate URL getting a response of "you don't want to look at that page, you want to look at *this* page"?)

    Unfortunately it then rapidly devolved into a barely coherent rant which meandered all over the place and any point that it might have had to make got buried under the sound of axes being ground.

  34. windywoo
    Thumb Down

    In defense of OpenDNS

    They offer a content filtering service for free so you don't have to see naughty sites if you set it up for that. I have only noticed their advertising a couple of times since I used it and even then the correct result that I wanted was top of their suggestions.

    To do this on an ISP level seems to be taking the mickey. Customers are already paying for the service, why are the ISPs then lumping advertising on top of it? If we take a TV metaphor, people pay for a service and the TV channels support themselves through advertising. Websites already support themselves through advertising, so if ISPs introduce this "service" will we see our subscription fees reduced?

  35. Stephen Jones

    Of course...

    ... when you type "google.cmo" into your browser what you really want is links to and a whole bunch of domain squatters.

    I'll stick with my browser sticking things it doesn't understand into google, rather than have my ISP recommend its "trusted partners" to me.

    protip: DNS is de-centralised, if they're hijacking packets it's a RIP Act violation, if they're not you can just resolve direct from the root servers.

  36. David Barrett

    How does this work?

    Do I still recieve a page served by virgin with an http status of 404 or 200?

    If I still get a 404 but with some virgin content then that's not AS bad but if they take the 404 and replace it with a 200 it's going to mess up loads of stuff... App that connects to a web service? If that web service goes off line the app will be set up to cope with a 404 but what happens when that app gets served a load of adverts when it expects nice tasty XML?

  37. Si 1

    How does one go about opting out?

    What's the betting to opt-out you have to phone them up and go through some tedious procedure to get this disabled? I'm sure there won't be anything as simple or helpful as a checkbox on a website. And the instructions for opting out will probably be hidden in a basement with the lights out (and the stairs) and in a locked filing cabinet with a warning sign about leopards...

    I loved Telewest as an ISP, their service offered speeds you couldn't hope to get with ADSL and there were genuinely no limits on usage. Now that Virgin Media are running things the service gets throttled if you even glance in the direction of a large file, they're always on about throttling services like the iPlayer and they're the only ISP who seem dead keen on being copyright cops.

    It's too expensive to bother getting BT in to switch to ADSL at the moment, but I'm moving soon and VM will be at the bottom of my list of ISP choices.

  38. adnim


    I would guess most nxdomain errors are a result of a user mistyping into the browser address bar. A solution would be the ISP sends DNS rcode 3 nxdomain to browser as would be expected when complying with standards, then a timed Javascript redirect shows a page of domain names which relate to the mistyped address, along with all those revenue creating advertisements... Just a thought

    Perhaps if one is not smart nor dexterous enough to type an address correctly one deserves a page full of ads? ;-)

    More info on DNS hijacking here: Warning PDF

  39. Stuart Boston


    I consider myself reasonably technical (15 years in IT), but I don't understand what the issue is.

    So now instead of my browser going to a 404 page provided by IE/Firefox/Chrome/Safari and them getting some ad-revenue Virgin, BT, et al. are doing it?

    What's broken? Who cares? and just what the heck is NXDOMAIN and why should *I* care as an average end user?

    Answer these questions and then you might, just might, be able to persuade the average internet user of your point of view, but until then, the response will be "Huh?"

    WTF? because despite everything, the IT community still complains about users not understanding the complex nature of computers rather than making them easier to use and speaking their language rather than ours.

  40. Anonymous Coward
    Anonymous Coward

    but why

    only serve adds on missing domains?

    ISP's ain't getting any cash from $SMALLSITES either. So they could pretend it didn't exist and show some ads in exchange for money instead. Who'd know the difference?

    $SMALLSITES disappear all the time.

  41. Steen Hive

    Inalienable rights

    Free people enjoy inalienable rights.

    Privacy is one of them - being bombarded by ads and behaviorally monitored 24x7 fucks with that principle big time, irrespective of whether it's the state or a corporate gangster behind it.

  42. Columbus


    am I the only one who thinks this article reads like one of amanfrommars's posts?

  43. John Bayly
    Thumb Down


    The issue isn't with the fact that I believe it's an unalienable right, it's that it breaks the way the internet is supposed to work. If I've got an app that parses a http response, I want it to tell me that the host couldn't be resolved, not that the response couldn't be parsed, I don't want to have to boot up Wireshark and view the response stream to find out that some cunt is giving me ads because of a DNS error.

    Tiscali have been hijacking DNS requests for ages, initially under some random name which meant nothing. Now it's under "EDEH and UEI", which at least has an explanation of what it means. It's helpfully hidden under "Personal Details".

    Why am I with Tiscali? Believe it or not, the service has been pretty good and I get free calls to half Europe.

  44. Nev

    Already here in France

    Very annoying when you mistype something, get redirected to another

    (ISP hosted) page and you can't just quickly correct your mistake in the address

    bar as it now contains the diverted URL.


  45. Camilla Smythe

    I think I'll take a piss through Teds Letterbox

    I'm sure there might be some rules against doing that sort of thing but fuck that. It's not as if it's going to affect that many people. In fact it's only going to affect Ted who is prone, at times, to being a whining shit so it's not as if anyone would notice much difference there. I'll even give him the chance to opt-out if and when he works out that having someone piss through his letterbox is actually a value added public service rather than someone just randomly pissing through his letterbox. Just think, if I did not piss in Teds letterbox I'd end up pissing in the street and that's going to upset a lot more people. Of course then he will have to find out how to opt-out and, if I bother to read his request, I'd get around to processing it some time next year. Oh and don't give me no crap about pissing in toilets being standard practice. That smacks too much of 'standards' as if anyone would think standards are important. Fuck, since I'm a generous sort of person I'll also shove some leaflets advertising cleaning products for piss sodden doormats so Ted can tidy up afterwards.

  46. foo_bar_baz

    Nice article, low on expletives

    Made me think - If you operate a DNS domain it might make sense to run your own wildcard on subdomains, e.g. * to catch at least a proportion of typos yourself.

  47. Tom Chiverton 1

    15 years in IT

    @Stuart Boston you have "15 years in IT" but don't know how DNS works, or Google ?

  48. Anonymous Coward
    Anonymous Coward

    @Stuart Boston

    You would have thought that in your 15 years you might have realised that not everything on the Internet operates on Port 80.

  49. Jeff 11
    Thumb Up

    @Camilla Smythe

    The Reg should really part ways with poor old Ted, whose tiring expletives and misdirected bile would be well replaced with that wit of yours. Reading that gave me more laughs than the last few months of this crap.

  50. Da Weezil


    Its as bad as spam... but then I expect nothing better from a company like Virgin.

  51. Rob Beard

    Just opted out...

    I've just opted out (not that I've seen it yet) and got this message...

    "You have successfully switched off advanced network error search.

    This will apply to all computers on this internet connection, but you may have to opt out again if you replace your modem.

    You can switch this service back on at any time by going to, and then looking for the links to Advanced Error Search in the My Virgin Media section of the site.

    The Virgin Media Team"

    So it looks like I'm opted out for all machines that use my Virgin Media broadband (not that I use their DNS anyway), so it appears to be a setting that is fixed with the modem (maybe the modem dishes out two sets of DNS addresses, one that goes to this new page and one that doesn't), or possibly it goes on the modem MAC address.

    Still I think that if any ISP pulls a stunt like this they should inform EVERY customer in advance by snail mail and give them a clear and easy to enter link to go to (such as or something like that.

    Doubt it'll happen though, I mean that would cost them money, I guess they think it's better to just do it and let the customers find the link themselves.


  52. Dan 55 Silver badge


    > What's broken? Who cares? and just what the heck is NXDOMAIN and why should *I* care as an average end user?

    If you put an incorrect server address in any other program apart from a browser, it doesn't understand that Virgin's advertising page is an advertising page and returns a misleading error which the average end user will probably have more problems sorting out than they would if Virgin stopped twitting around with DNS.

    E.g. See what an e-mail client says if you configure it with wrong server address in under Virgin broadband.

  53. Anonymous Coward
    Anonymous Coward

    OpenDNS and Virgin... why the distinction?

    "The difference of course is that OpenDNS customers sign up for this service knowing full well that the company does this."

    I have a credit card, and periodically they send through a note about changes to the Terms of the service. If I decide I don't like the changes they've imposed, I'm free to switch to another card.

    OpenDNS might have introduced the ad-serving before you signed up... but Virgin are doing this now. Deal with it.

    As much as we might dislike it, Virgin are free to change the Terms as they see fit, given that they supply the service and, as such, dictate the Terms of the service offering.

    If their customers dislike it, they can vote with their feet. And if enough do, Virgin might rethink the change.

    Of course, I can be this detatched as I don't use Virgin :)

  54. Anonymous Coward
    Big Brother

    No toys save a rifle and a helicopter

    Oh! If only there were alternate DNS providers! Why, with this kind of monopolistic control over the connections of those who connect to their network, with no means to avoid it other than opting out, connecting by other means, or using different servers for lookup, Virgin Media have declared their intention to enslave their entire customer base. They'll be installing equipment in their customer's houses next...

  55. Anonymous Coward

    Add more biliousness

    and maybe an actual point.

    Still, this piece has prompted me to be amused for, ooh, several seconds by typing google.cmo into Safari, receiving in return the following:

    "Safari can’t find the server.

    Safari can’t open the page “http://google.cmo/” because Safari can’t find the server “google.cmo”.

    You can use Google to search the web for this text."

    Followed by a nifty little search box pre-populated with google.cmo. So I clicks it and Google manages to return a whole page of results, precisely, erm, none of which are Although when I get as far as page 2 of search results, then scroll aaaall the way to the bottom, Google wonders if maybe I meant So I clicks that and finally get a page of links to Google stuff, none of which are actually search...

    All other arguments aside, this is really fucking spectacularly useless...

  56. Paul RND*1000
    Thumb Down

    No better than typo-squatters

    "A browser error is of no help, it smacks the user on the nose with a rolled up newspaper and forces him to think about what he's done."

    Frankly some users *need* to be smacked on the nose with a rolled up newspaper. Repeatedly. Until they learn that you do, in fact, have to be careful when using the Internet.

    Yes, Mr. I-click-links-in-\/14gr4-spam-mails-and-buy-their-shit, I'm talking to you here. It's your fucking fault that spam keeps happening, because morons like you make it worth the effort.

    And Miss I-don't-know-what-it-said-I-just-clicked-OK-and-now-my-computer-runs-slow-WTF? you're guilty as charged too, God knows what mischief your utterly owned box is up to, making the internet a pain in the arse for the rest of us. Thanks a whole lot, stupid.

    "If I type in "google.cmo" accidentally, and am presented with a link to Google, then the ISP has just made my day easier. Who cares if they get paid for that click? It makes the internet work better for users."

    All that does is condition the user to believe that they can ham-fist their way through the internet without bothering to check that they typed the right address in and that they can then click on some link which takes them where they really meant to go.

    That sort of carelessness will eventually lead them somewhere which is a real, registered domain serving up a double dose of malware, and now they're owned again. Gather a few thousand of those together and you've got something which makes the internet work WORSE for EVERYONE.

  57. Richard Conto

    In the USofA, COMCAST is poisoning their customers DNS too

    COMCAST in the United States - at least in Ann Arbor, MI, is doing the same thing. They're redirecting to some company called FASTSEARCH.NET, although they're redirecting only names that begin with "WWW." and end with a valid TLD.

    They have an opt out page too. You have to be using their service and know the MAC RF ID of your cable modem (which ought to be printed on the thing anyway.)

    Late Sunday, I did the opt-out. They processed it this morning (Tuesday).

    Nevertheless, I'm thinking of querying the root name servers directly. If enough people do that, the root nameserver people will start gnawing on COMCAST for this bit of evil mindedness.

    P.S.: I'm blocking FASTNET's net-block ,, in my home router/gateway. I tend to take an aggressive view of people attempting to abuse my system, and so most of Vietnam is blocked as well as major parts of China. And various parts of the American South and West...

  58. Lou Gosselin

    @Stuart Boston

    On many networks, the name resolution for local servers will break as well, at least when DHCP is configured to use the ISP's DNS.

    This can break file shares, VOIP, databases, VPN, ...

    It's not a non-issue because it's not just port 80.

    Even if it were just HTTP, who are the ISP to redirect to ad sites? If their business model is not economically viable with paying customers, then charge more or make way for those who have viable models.

  59. Goat Jam

    @David 110

    "I've just spent 2 weeks trying to fix a collegues laptop as he was unable to correctly resolve our internal IP address when connected remotely via VPN.

    I eneded up wiping his machine down and rebuilding it hoping it would clear the problem."

    Let me guess, you're have an MCSE, right?

  60. Anonymous Coward
    Anonymous Coward

    Re: Stuart Boston

    You're right, if after 15 years in IT, you don't know the difference between a 404 and an NXDOMAIN error, you're a very average user. Your unenlightened opinion matters to us.

    To make it to your level: if your Post Office, instead of returning letters to you when there's a mistake on the envelope, starts sending them to an advertising company which will open them, read them, and use their content to send you targeted advertisement - nothing wrong with that, right?

  61. Owen Smith

    why not?

    this is an evil isp isnt it?

    why dont they just put the spamvertNXDOMAIN error on there proxy?

    it would piss less people off by not borking the standards for us real people, and the great unwashed get friendly "you are idiot, click here for what we want you to look at" pages when they typo www.goooooooooooooooooooooooooooooolge.mco (or whatever)

    now if you will excuse me, i have a coldfusion server to debug with a lump hammer


  62. M Gale

    A note from a crusty old dialup user

    Still got this account from years ago, back when it was called "Surfunlimited" and came from a company called Blueyonder. I get proper DNS errors (or at least, my SQUID server tells me it's getting a proper DNS error), no bullshit redirects, and the link at tells me I have to be a Virgin Media BROADBAND customer.

    I guess this is one of those rare occasions when I can pat my trusty external v90 with its serial port comms and blinkenlights and say "good boy". Well, that and being able to circumvent IP bans with a simple redial. Not that I'd ever do that.

  63. Jimmy Pop

    As if nerds care..

    Run a DNS server at home.. don't go through any crap ISP's hierarchy either, just straight to root servers!

    I run my own network, and want unfiltered records.. ;-)

    Beer, cause 5 minutes after installing BIND, you will be ready to congratulate yourself!

  64. Brendan Sullivan

    @HUH? By Stuart Boston

    DNS responses tell your computer where the host/server you were looking for is located. When these DNS record responses are changed (from NXDomain or non-existent domain to name exists) they cause whatever application made the DNS request to attempt to communicate with whatever machine the falsified record points to as if it was the intended recipient machine.

    If you try to send an email and your ISP hijacks the DNS request your email still gets sent, but it goes to the ISP's ad server.

    When you attempt to login to a domain based system who's DNS record was hijacked your login credentials get sent to the ad server, not a legitimate recipient.

    When you try to print to a hostname based print server and the print queue's DNS record (or lack thereof) gets hijacked , your computer still sends the document to be queued (because it thinks it's found the printe queue) but instead the document gets sent to the ad server.

    If all of this is new to you then your "15 years" of "IT" must have been with DOS boxes or something and you should really try looking up this stuff on wikipedia or try looking at the resources the the previous commenters have pointed out.

  65. Anonymous Coward
    Anonymous Coward


    Feel the NerdRage!

  66. Anonymous Coward
    Anonymous Coward


    The item is not totally fair on OpenDNS. Whilst it is true that on blocked pages, or other failed searches that happens, but it has many very good reasons to use it. In fact due to problems with ISP's here in France I suggest that all my friends use it for several reasons.

  67. Anonymous Coward
    Anonymous Coward

    Could someone exploit this?

    I'm a little late to the party on this one, and know near to nothing about DNS. However it strikes me that Dan's internet breaking attack exploited Betwick filtering and blitzing transaction IDs in order to work. This was said to be marginally nullified by DNS caching, however if I therefore try to go to a DNS server which is feeding its DNS off virgin media's DNS servers, would accessing, cache the DNS for as being their ad server?

    No flaming please, as I said I know that I don't know what I'm talking about. My point is not that such an attack is there, just that we didn't see the previous attack, and it would be a lot harder to defend against future attacks if people are pissing about with the rules.

  68. Christopher Martin


    I just tried to get some Internet service from Comcast in the States. We spent 2 weeks, 4 appointments (two of them missed), and innumerable phone calls before establishing that they are either unable or unwilling to providing working service.

    Standards? NXDOMAIN? Dziuba is right (as always) - I'm angry at Virgin Media in principle, but don't give a shit in practice. I would be more than happy with Virgin Media service, because what I've been dealing with is remotely competent ISP that can't serve me anything.

  69. Anonymous Coward

    The real point

    If that happened to me, my first reaction would be to fire up the ol' virus checker for something that is poisoning my DNS lookup.

    FFS, in this day and age, ISPs should be avoiding this kind of crap which is just likely to confuse the average user even more than they already are.

  70. Seán

    So boring

    Could anyone be bothered reading the second page? After reading the waffling tripe at the end of the first one I was so bored and irritated I checked who wrote this heft and wasn't surprised.

  71. Mark Eccleston

    Rogers in Canada started this a year ago

    Rogers started this about a year ago. Previously my poorly typed URLs when unresolved would be redirected to Google and the one that I meant to type would usually be on the top of the list.

    Then one magic day I got a Rogers/Yahoo ad list. I could opt out with a cookie. When you did this you would get a Rogers/Yahoo 404 page with an option to resubscribe to the ad list.

    With that and them packet shaping my VPN connection to the office (2 MB transfer in 15 mins on a 6 Mbps line) I switched ISPs.

    Funny thing is they promote both of these network management techniques as a way to improve overall customer satisfaction with the internet experience.

This topic is closed for new posts.

Other stories you might like