Detecting XFinity/Comcast DNS Spoofing, (Mon, May 6th)

ISPs have a history of intercepting DNS. Often, DNS interception is done as part of a “value add” feature to block access to known malicious websites. Sometimes, users are directed to advertisements if they attempt to access a site that doesn't exist. There are two common techniques how DNS spoofing/interception is done:

This article has been indexed from SANS Internet Storm Center, InfoCON: green

Read the original article: