Home > Technology > RCN Hijacking Mistyped URLs

RCN Hijacking Mistyped URLs

Picture 3

My ISP (Internet Service Provider) is hijacking my mistyped URLs!  Instead of sending a “Does Not Exist” error when I type in an invalid URL, RCN is redirecting me to their search page.

*Update August 14th 2009*
See how I finally got this problem fixed.

If a URL does not exist, I should not be getting a page back or redirect from my ISP’s DNS server.  The internet was designed in a way that if something is requested that does not exist, I get an error that it does not exist.  A good metaphor would be me calling Pizza Hut, dialing a 5 instead of a 2 on accident, and then having my call routed to the nearest Papa Johns.

I don’t mind that they are trying to monetize something, they have the right.  I do, however, have a serious problem with them opting me into a service, automatically, that changes the way my internet connection works.

I called RCN’s technical support to ask how to disable this, and they put me on hold for 10 minutes.  Their first response was resetting my browser settings.  I immediately asked for a manager.  After a five minute wait, the supervisor insisted that it was my browser that had incorrect settings.  I was put on hold again.  After another 15 min wait, the representative supposedly disabled FoxFire (that is what they called it) to opt me out of this DNS hijacking service.

Upon further questioning, the representative told me that they received an email on August 4th that explained the details of the Chicago area getting this DNS search service.  At this point I have restarted my modem and router to accept new DNS settings, and the problem still persists.  I was on the phone with RCN for at total of 55 Minutes. As it stands, I have a request for a manager to call me back.

  1. Charlie Hayes
    August 6, 2009 at 2:31 AM

    It’s even worse than you describe. It isn’t just URLs, they actually resolve all nonexistent domains to address of their web servers. I’m sure this violates at least one DNS related RFC. I can’t believe the FCC allows this crap. RCN is rather late to the party! TimeWarner has been doing this for years, they have an opt-out service which works in IE only.

    • August 6, 2009 at 2:51 AM

      Their Opt-Out services only works in IE? How is that? I am about to change my DNS settings to Open DNS. But I would rather have RCNs since I am paying for it. What is the RFC?

  2. Charlie Hayes
    August 6, 2009 at 3:02 AM

    Yup! Only IE!

    Watch out, OpenDNS also hads ads unless you disable them. In addition, every time your IP changes you get the ads back, unless you run a process on your computer to update them of your IP. Mine often comes back even when my IP doesn’t change! And disabling it on OpenDNS is obviously intentionally confusing.

    I don’t know which RFC indicates how DNS servers should respond to requests for domain names that don’t exist, but if you have a few days to kill, you’re more than welcome to take a look: http://www.dns.net/dnsrd/rfc/

  3. A
    August 6, 2009 at 3:35 AM

    I noticed this a few days ago too. I’m in Boston.

  4. RCharles
    August 31, 2009 at 2:27 PM

    I also have a problem with RCN DNS services. WQhen I complained about slow or failing web pages, where I would get a NOT FOUND and, if I hit TRY AGAIN, it would find the page. Their response was to add PaxFire to my account. When I discovered what PaxFire was I demanded RCN opt me out of it, which they claimed to have done.

    But the DNS lookups were still going very slow so I tried to program my router to use a specific, public DNS server at But the router keeps coming back reset to “Get Automatically From ISP”.

    Has anyone else tried to force the use of a specific DNS server with RCN? Can they refuse the router request? It’s an older netgear router so I may investigate a new one to see if this works better. Meanwhile, I will ask RCN if they are blocking this and, if yes, I will file an FCC complaint. (Already filed a complaint that RCN added PaxFire without telling the customer or offering an opt-out.

    Time to donate, again, to net neutrality; hope the legislation covers/prevents this kind of crap from the ISPs who should be selling a commodity like water or gas service.


  5. RCharles
    August 31, 2009 at 5:11 PM

    An update…

    I was successful in getting the router to accept specific DNS IP addresses by using a hardwire connection to the router. I suspect it does not allow changes via a Wi-Fi connection.

    Problem is closed.


    • August 31, 2009 at 5:27 PM

      I could probably help you getting your router setting set up. It should be a router wide setting. Check out OpenDNS.org. Also, you can visit your router’s manufacturer’s website and find the manual on how to change your DNS server.

  6. Gant
    October 20, 2009 at 1:40 AM

    Because I use a WiFi router at home, my iPhone gets ISP service via RCN. During a Safari browser address bar search I discovered my iPhone was being hijacked by RCN/Yahoo search. So, I phoned RCN tech support to have them opt out Paxfire from my iPhone. Each of three calls to RCN tech support told me they did not have the code to opt out Paxfire on iPhone.

    So, I phoned Paxfire tech support at 703 435-6375 and explained the situation. The Paxfire agent told me he would contact RCN, then he took my phone number. I was very surprised that evening when RCN high-level tech support phoned me to verify they had input the correct ip address to immediately eliminate Paxfire from my iPhone.

    RCN tech support knows how to remove Paxfire from your desktop computer, but you might have to phone Paxfire tech support at 703 435-6375 to opt out from Paxfire on your iPhone.

  7. October 20, 2009 at 2:43 AM

    Gant, RCN can turn it off on your entire account if you call them. The solution Paxfire likely gave you was to use the cookie solution or something of that nature. That does not turn it off, it just hides it.

  8. November 4, 2009 at 8:25 PM

    I went to the RCN website and completed the “Contact Us” form for tech support. I typed, “Please disable your DNS hijacking service called “FoxFire.” About an hour later I received an email from their tech support that said the following:

    Dear Mr. Boone,

    My apologies for the inconvenience. About the redirects, the reason we had this on our system is that if ever you made a mistake or entered search terms into your address bar while using a web browser, the new service tries helping you find what you are looking for, similar to a toolbar function, without the need to install a toolbar.

    But since this is quite inconvenient on your end, I will be disabling this setting on your end so that you connection will go back to the way it was. And just to complete this process, can you please power cycle all of your equipments.

    SEQUENTIAL POWER CYCLE (with wireless router)

    1. Turn OFF the computer. (Complete shutdown)

    2. Turn OFF the wireless router. (Unplug power cord from the router)

    3. Turn OFF the cable modem. (Unplug power cord from the cable modem).

    4. Leave it OFF for about a minute or two.

    5. Turn ON cable modem first. (Give it a minute to reboot)

    6. Turn ON wireless router. (Give it another minute to reboot)

    7. Turn ON computer and then try to get online to the internet.

    Or you could also try these steps.

    POWER CYCLE (without the wireless router)

    1. Turn OFF the computer. (Complete shutdown)

    2. Turn OFF the cable modem. (Unplug power cord from the cable modem).

    3. Leave it OFF for about a minute or two.

    4. Turn ON cable modem first. (Give it a minute to reboot)

    5. Turn ON computer and then try to get online to the internet.

    I hope these steps could help you with your issue. Should you have any further questions or concerns, please feel free to contact us on your most convenient time.

    Thank you,


    RCN Email Support

    1-800-746-4726 (toll free)

    1-610-443-5550 (toll fees apply)

    RCN – Connect to Something More.

    • November 4, 2009 at 8:28 PM

      Oh, and I forgot to mention that the issue is now resolved. Time to donate more money to the Net Neutrality people.

  9. RCharles
    November 5, 2009 at 10:32 AM

    I went through this with RCN a while back, with no confidence they actually had disabled the URL interception.

    I then programmed my wi-fi router to use specific IP address for DNS server, e.g., My understanding that this should bypass RCNs DNS system and, therefore, the URL intercept function as well.

    Can anyone confirm that using public DNS servers solves this problem?

    Is there a way to test this arrangement and prove that it works?



    • November 5, 2009 at 4:39 PM

      Yes, OpenDNS will solve the problem. To test it, just make the change to your router or PC’s DNS server settings, and go to a fake server.

  10. November 22, 2009 at 11:48 PM

    Wow, can they actually do that? I always thought if you typed an incorrect URL you should get the error message.

    • November 23, 2009 at 12:01 AM

      Very simplified, when you request a non existent URL, let’s say ‘nonexistent.com’, your computer asks your router where it is. Your router doesn’t know, so it asks your ISP. In this case, your Internet Service Provider, RCN, says “we don’t know where that is, but we’ll send you to our page, with ‘nonexistent.com’ as the search results.” Then they make money from the ads on that page.

  11. Josh Brinkman
    February 10, 2010 at 3:30 PM

    I guess I’m late to this party, but I’ve been living with this situation for a while now. My problem differs from you all because I need to use a Virtual Private Networking client to connect to my office. RCN (randomly it seems) intercepts all DNS lookups, no matter what protocol. If I ping a hostname in my company’s internal network, I frequently get back an RCN IP address, and sometimes I get back the real machine address. This is even more annoying because I need to first log into my company’s firewall (via http) before accessing any machines. RCN hates to let me get to the firewall so I can type in my credentials… they always redirect to their search results page.

  1. August 10, 2009 at 8:59 PM
  2. October 28, 2009 at 6:16 PM
  3. November 10, 2009 at 5:23 AM

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: