Virgin Media DNS hijacking
Having own DNS servers is a good practice, rather than letting your ISP to direct traffic to their liking. Virgin Media's stupid landing page for unresolved DNS was driving me nuts. Even after running my own bind9 I noticed that the DNS queries are still being hijacked by VirginMedia and reroute via their garbage . The simple test to prove this is dnsleak .
The ISP column will have a Virgin Media entry.
Lets see how we can work around this .
- setup a £5/month VPS & run bind9 on it
- link the home gateway & VPS via wireguard & point all DNS upstream to this VPS
- add iptables rule to PREROUTE plus usual masquarding rules on wireguard interface
where 192.168.6.1 is the VPS
a few days later I get a letter in the post ...
According these wankers my router is "misconfigured" - ODNSR vulnerability my arse !
No comments:
Post a Comment