Nxdomain redirect revenue
bonomi at mail.r-bonomi.com
Tue Sep 27 16:13:32 CDT 2011
> From nanog-bounces+bonomi=mail.r-bonomi.com at nanog.org Tue Sep 27 15:54:37 2011
> Date: Tue, 27 Sep 2011 13:54:26 -0700
> From: JC Dill <jcdill.lists at gmail.com>
> To: NANOG list <nanog at nanog.org>
> Subject: Re: Nxdomain redirect revenue
> On 27/09/11 7:20 AM, William Allen Simpson wrote:
> >> Most likely the ISPs' lawyers were smart enough to include a clause
> >> in the ToS/AUP allowing
> >> the ISP to intercept, blackhole, or redirect access to any hostname or
> >> IP address.
> > It's not legal to insert a clause allowing criminal conduct. There's
> > no safe haven for criminal conduct.
> I'm not sure that it's *illegal to insert a clause* for conduct that is
> forbidden by law. I'm pretty sure you can claim almost anything in the
> contract. What is illegal is enforcement of an illegal clause. Law
> trumps contract terms - that's WHY we have civil laws - to protect
> people from unscrupulous business dealings. And that's why most
> contracts have a clause that says if a particular clause in the contract
> is found invalid the rest of the contract still stands - because so many
> contracts DO have invalid clauses. For example, many employment
> contracts have non-compete clauses that forbid the employee from going
> to work for a competitor. But in many states these clauses violate the
> state's right-to-work laws. The company lawyers KNOW the clause is
> illegal, but they insert it in the employment contracts anyway, to try
> to fool employees into thinking they will get sued if they go to work
> for a competitor.
> >> The name for an ISP intercepting traffic from its own users is not
> >> "interference" or "DoS",
> >> because they're breaking the operation of (er) only their own network.
> > No, they're breaking the operation of my network and my computers. My
> > network connects to their network.
> But you have no recourse, their network, their rules. (Right?) You
> *might* have recourse if they were modifying traffic you sent to their
> customer, but in this case they are modifying traffic that originates
> FROM their customer. I'm not convinced that redirecting this traffic is
> any different from blocking it (e.g. firewall to prevent employees from
> accessing facebook or torrents).
> I believe the only entity who has recourse is the entity who is paying
> them for service - e.g. their (paying) customer.
In the specific case of 'falsifying' a DNS return for what would have been
a NXDOMAIN, that is "mostly' correct. but consider whqat happens when
you get into the situation of querying a DNSBL operator -- where an 'error'
result _is_ a desired return value.
Now, when the provider returns 'false and misleading' data for what would
be, under normal conditions, a SUCCESSFUL query -- say, returning a 'bogus'
address for a well-known search-engine, so as to bee able to manipulate the
results -- then the party whose traffic is being 'stolen', and sent to the
bogus server, THAT party may well have grounds for a civil suit for 'tortuous
interference with a business relationship'. In this situation, there are
also possible criminal sanctions, under 'wiretapping' prohibitions, among
More information about the NANOG