Violation Type:ISP Hijacking

From Violations Tracker
Revision as of 23:29, 8 September 2016 by HLandau (talk | contribs) (Created page with "{{Violation Type|abbr=NHIJACK|cat=Net Neutrality}} An ISP hijacks connections or connectionless traffic, performing a man-in-the-middle attack. This will usually only be per...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Violation Type
NHIJACK

ISP Hijacking

Violation InstanceViolator
Comcast Internet Service/NHIJACKComcast Internet Service
Cox Internet Service/NHIJACKCox Internet Service
Cricket Wireless (Mobile Internet Service)/NHIJACKCricket Wireless (Mobile Internet Service)
Sky Broadband/NHIJACKSky Broadband
Verizon Wireless Internet Service/NHIJACKVerizon Wireless Internet Service
Virgin Media Internet Service/NHIJACKVirgin Media Internet Service
Vodafone Internet Service/NHIJACKVodafone Internet Service


An ISP hijacks connections or connectionless traffic, performing a man-in-the-middle attack.

This will usually only be performed on non-SSL connections, but may increasingly occur on SSL connections where the ISP is a corporation and the user is an employee.

In some cases the hijacking performed by an ISP may appear to be with good intent. For example, an ISP has been legally compelled to block a website, and wishes to inform people who attempt to visit the website of this. It does this by hijacking attempted connections to the website by whatever means. However, such good intentions do not constitute a valid excuse as they still constitute hijacking, with all the associated concerns.

This may be done by DNS hijacking or outright hijacking of TCP connections. A violation occurs regardless of the means used.

If direct TCP interception is used, this implies NLREMIT. If DNS hijacking is used, this does not imply NLREMIT unless such hijacking affects queries to non-ISP DNS resolvers.