Need help with your equipment?
HQ_IT_Guy's profile

Tutor

 • 

1 Message

Monday, March 27th, 2017 7:40 PM

ATT DNS Assist Page

I have several employees who suddenly cannot access the office home page. The ATT DNS "Assist" page opens instead.

 

If AT&T wants to redirect 404 errors for their customers, that's their business. But when my employees come into the office (not on AT&T internet) and cannot access our internal webserver because their DNS has been hijacked. That is a problem.

 

What is the fix for this?

Why has AT&T decided it's OK to override ANY computer's DNS functionality to earn a few pennies from YAHOO! (of all places) search?

ATTHelp

Community Support

 • 

207.2K Messages

6 years ago

Hi @HQ_IT_Guy,

 

Can provide more infomation on this issue? Send us links and screenshot of the errors your employees are getting with this issue. That may help us understand to provide a solution.

 

-ATTU-verseCare

Contributor

 • 

1 Message

6 years ago

We are having this exact issue, 2 employees who were on an ATT network at one of their parents homes came in Monday and can no longer reach any of our internal resources via Internet Explorer without getting redirected to the DNS Assist page. Went through all the standard TS stuff, setting DNS servers statically, flush/register DNS, and have found the issue:

 

1. Only occurs with Internet Explorer

2. Is isolated to the profile that was used on the ATT network, if i log in with my account everything works fine. 

 

 

Ive checked for alterations to the TARGET line in their IE shortcuts, Add-Ons, scripts in task manager, reset IE to defaults, etc and still cant get this DNS hijack to go away. 

ATTHelp

Community Support

 • 

207.2K Messages

6 years ago

Hi,

 

We are sorry about the issues. Hopefully, everything starts working correctly, but if not, you may want to disable it. Here is a post that goes over it.

 

-ATTU-verseCare

Contributor

 • 

1 Message

6 years ago

AT&T,

This is an issue for many companies. Opting out of the service isn't a resolution. We need a fix that can be applied at the time it happens. Asking the end user to opt out when they need access to the company resources NOW isn't a fix. We have this issue with several users, it comes and goes. Different behavior with different users. Our VP has had this issue multiple times. Can you please escalate this to your technical teams and post a KB on how to resolve it. 

ATTHelp

Community Support

 • 

207.2K Messages

6 years ago

Hi @joatmon76,

 

DNS error assist is there to help when the DNS entry is not taking you to the right location. To correct it, you can look to make sure the DNS is populated correctly, and if it is, and still taking you to the catch site, the only thing that can be done is work on making sure the DNS servers are mapping correctly or turning off the DNS error assist.

 

-ATTU-verseCare

Tutor

 • 

3 Messages

6 years ago

Our business is experiencing the same issue.  I agree that asking each user to sign into their AT&T account to disable this "feature" is not a valid solution.  We have hundreds of users and our help desk is dealing with this frequently.  Opting out can take up to 48 hours, so this is a major impact to our productivity/business.  

 

When you say "make sure the DNS servers are mapping correctly", what exactly do you mean?  When a user connects to the internal network, they obtain DHCP and that sets the correct local DNS server (confirmed).  When they open a browser to request "intranet.domain.com", the specified DNS server looks for the record and finds a match, and returns the appropriate IP address (confirmed).  This all works for other browsers and network tools/commands like "nslookup" (confirmed, and stated by other posts above).  The only thing that fails is Internet Explorer, which tells me that AT&T has modified the browser or traffic in some way.  If so, this is a major breach of consumer confidence, and we need to know exactly what is changed (i.e. registry entries) to undo the changes!  If AT&T claims this is not a physical change to IE, then AT&T needs to explain exactly how "DNS assist" works so that we can configure our networks to avoid/block it, and so that AT&T engineers can implement a fix.  

 

I had one of our techs call in about this issue over the weekend and spent over 2 hours with support, and the only solution that could be provided by AT&T was to "opt out".  This issue needs to be escalated within AT&T as soon as possible so that the appropriate engineers can post the root cause.  

ATTHelp

Community Support

 • 

207.2K Messages

6 years ago

Hi,

 

With the DNS error assist, the way it was meant to function was to route you to that page if the DNS entry is suspicious or the website it is mapping to is not correct. If you notice this consistently with one page, then it may be an issue with how AT&T's DNS servers are handling the request to that one page, and you want to ensure that page's Reverse DNS entries are good. It sounds like you have, and the other problem could just be an issue with the DNS servers at AT&T. Let us know if you see consistent issues to a page and we can look into it.

 

-ATTU-verseCare

Tutor

 • 

3 Messages

6 years ago

I think we all are experiencing consistent issues with specific entries.  What I'm not understanding is your DNS servers should have nothing to do with these requests.  Users are internal, the DNS servers are internal, and the end server is internal.  The DNS request should never leave our network, and yet somehow Internet Explorer is intercepting the request and using the DNS Assist.  Of course AT&T can't get to it because it is not a public DNS entry, nor do we allow external access.  So the question remains, how does DNS Assist intercept the traffic when the request is supposed to be internal only.  

 

I did experiment with a problem machine, and the following fixed the issue (at least temporarily)

- Removed ATT.net entry in network adapter DNS suffixes.  Apparently this is added automatically for AT&T users

- deleted all entries in registry that said "attdnsassist.net".

- Cleared IE history

- Re-launched IE

 

Can anyone else confirm a combination of these changes resolve the issue?  Is the DNS suffix the root cause?  It is last in the list so I doubt it would cause issues, but seems to be the only culprit.  

 

FYI - I'm willing to share our specific domain with ATT support via private message.  

Contributor

 • 

1 Message

6 years ago

 I clear browsing history and reset IE. How is ATT getting away with installing malware on PCs?

Contributor

 • 

1 Message

6 years ago

ATT needs to explain exactly how this works. If it is bypassing internal DNS servers specified by DHCP, it is broken and little more than malware. What modifications are being made and where?

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.