ISP redirect page

From Wikipedia, the free encyclopedia
Jump to: navigation, search

An ISP redirect page is a spoof page served by major ISPs including: Cox Communications, Embarq, Verizon, Rogers, Earthlink, and various others when web users enter an invalid DNS name.

If a user types in an incorrect url (for example wikipedia.orf instead of wikipedia.org), the ISP's DNS server will respond with a spoofed DNS response that redirects the user to an advertising page.

How it works[edit]

Domain Name System (DNS) resolution is the process of translating a human-readable domain name (for example, en.wikipedia.org) into an IP address that computers can use. Every ISP runs a DNS server to allow their customers to translate domain names into IP addresses that computers understand and use. When an ISP's DNS server receives a request to translate a name, according to RFC the DNS server should return the associated IP address to the customer's computer which is then able to connect to the requested resource.

When the ISP's DNS server receives a request for a name that is not recognized or is unavailable, some ISPs spoof the NX (null) response and instead return the IP address of a search or advertising page to the client. When the client is using a web browser, this will display a search page that contains possible suggestions on the proper address and a small explanation of the error. These search pages often contain advertising that is paid to the ISP.

Sometimes, a customer can opt out of this service, but the opt-out is frequently not implemented at the same layer as the spoofing. Opt-out procedures vary from ISP to ISP in both their method of implementation and effectiveness.

References and sources[edit]