Level 3 Public DNS (4.2.2.x) now hijacks NXDOMAIN results
Stumbled upon this randomly:
# host sdfjnbsdifndsigubsdigbdfiugbdiubgdifugbdiofgbodinfidnofgindf.com 22.214.171.124 Using domain server: Name: 126.96.36.199 Address: 188.8.131.52#53 Aliases: sdfjnbsdifndsigubsdigbdfiugbdiubgdifugbdiofgbodinfidnofgindf.com has address 184.108.40.206 sdfjnbsdifndsigubsdigbdfiugbdiubgdifugbdiofgbodinfidnofgindf.com has address 220.127.116.11 Host sdfjnbsdifndsigubsdigbdfiugbdiubgdifugbdiofgbodinfidnofgindf.com not found: 3(NXDOMAIN)
They now reply with this set of IPs to any query that would return a "nonexistent domain" result. One IP is at Rackspace, and the other is from "searchguideinc.com".
And just the other day I was reading https://www.grc.com/dns/alternatives.htm, which praised them with "Level3 has never played any games with DNS, and it's impossible to imagine that they ever would" -- so much for that.
Time to migrate (if anyone used them) to some other NSes from the list on that page, or better yet, consider running your own, it's quite simple with Unbound.