nanog mailing list archives

Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses


From: "John R. Levine" <johnl () iecc com>
Date: 30 Oct 2023 21:02:07 +0100

On Mon, 30 Oct 2023, Livingood, Jason wrote:
On 10/27/23, 19:01, "NANOG on behalf of Owen DeLong wrote:

If it’s such a reasonable default, why don’t any of the public resolvers (e.g. 1.1.1.1, 8.8.8.8, 9.9.9.9, etc.) do so?
DNS isn’t the right place to attack this, IMHO.

Are we sure that the filtering is done in the default view - I would suggest the user check to ensure they don't have a 
filtering service (e.g. parental controls/malware protection) turned on. In my **personal** opinion, the default view should 
have DNSSEC validation & no filtering; users can always optionally select additional protection services that might include 
DNS-based filtering as well as other mechanisms.

At Quad9 they are clear that 9.9.9.9 is filtered. Cloudflare 1.1.1.1 is unfiltered, 1.1.1.2 filters malware, 1.1.1.3 malware and stuff unsuitable for children.

I have no idea whether Charter uses one of these, some other third party, or their own. We must know someone there who could tell us.

Regards,
John Levine, johnl () taugh com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly


Current thread: