Highlighted
Observer

dnsrsearch.com DNS Hijack

Received an email with my new static IP information (I obfuscated the more sensitive bits).

 

Public Network
Gateway IP Address: 50.*.*.*
Useable IP Range Assigned: 50.*.*.*
IP Subnet Mask: 255.255.255.252
Primary DNS Server: 209.18.47.61
Secondary DNS Server: 209.18.47.62

 

When using these DNS servers, if you try to go to an unregistered domain name or typo a domain name (i.e. totallynonexistent.com), you will be rediected to www.dnsrsearch.com.

Ok well no big deal. I've seen this before. There's a link to "Preferences" in tiny print to the right of the search bar on this page, you just go in there and tell it not to redirect you anymore.

 

But now if you click it, you receive the message Your Preferences Are Currently Locked

 

Oh noes!

dnsrsearch.com prefs_locked.php

Anyway I called support and they said it was a residential thing that they don't support. I think the guy was confused. Maybe someone can fix this page so I can turn off these annoying redirects?

Thanks.

 

EDIT: Just wanted to mention I know I can use Google DNS at 8.8.8.8 or OpenDNS etc. but I was hoping to continue using my ISP's (Spectrum Business Class's) DNS servers if it's possible.

5 REPLIES
Expert

Re: dnsrsearch.com DNS Hijack

 

Are you using a seperate modem and router?

209.18.47.61/62 are the residential DNS addy's and are multicast from at least 4 RDC's in the US.

 There is no advantage to use a public dns as all routing is thru the RR pipeline to those 4 exit points.  Something changed here in the past month routing wise... For a while as to where the TWC speedtest was being hosted.

Speeds have been bumped up one or two tiers.

But as for a ficticious url, On residential, I'm getting that redirect as well, No more 404 errors... so something has changed here in Ohio as well. 

Where are you?

Established Sharer

Re: dnsrsearch.com DNS Hijack

I'll just interject that the address mask 255.255.255.252 looks a bit strange, though I haven't verified with Spectrum business yet.  My (formerly) TWC home service in Ohio uses 255.255.255.224 for the modem's mask and I don't get those redirects.  

Observer

Re: dnsrsearch.com DNS Hijack

255.255.255.252 makes sense to me since we have a single static IP.

255.255.255.252 is just a big enough block for 2 IPs. One is for our default gateway, the other is our public static IP.

 

I'm just going to use OpenDNS since no one at Spectrum seems to have any idea who is in charge of those DNS servers or how to stop the hijacking.

Observer

Re: dnsrsearch.com DNS Hijack

I'm in the Dallas/Fort Worth area. I think there is a huge advantage to using a public DNS in this regard since I don't have to suffer silly redirects like this when using Google or OpenDNS's public recursive DNS servers.

As for the advantages to using Spectrum's DNS servers if I could disable the redirects, I think the fastest resolver would be the one within Spectrum's own network (before it starts having to be routed out in the public internet). Maybe that's what you were getting at and I misunderstood.
Regardless, I'm switching to OpenDNS for the foreseeable future.
Expert

Re: dnsrsearch.com DNS Hijack

There is no alternate routes in the TWC/RR network, it's a pipeline that seldomly changes..... 

 It get's ugly when both IPv4 and IPv6 are run simultaneously...