Mass DNS Hijacks

  1. #1
    nihil (Super Moderator: GMT Zone)
    Join Date: Jul 2003
    Location: United Kingdom: Bridlington
    Posts: 17,190

    Mass DNS Hijacks

    Researchers have identified a new trojan that can tamper with a wide array of devices on a local network, an exploit that sends them to impostor websites even if they are hardened machines that are fully patched or run non-Windows operating systems.
    Article is here:

    http://www.theregister.co.uk/2008/12...anger_hijacks/

    According to researchers with anti-virus provider McAfee's Avert Labs, the update allows a single infected machine to pollute the DNS settings of potentially hundreds of other devices running on the same local area network by undermining its dynamic host configuration protocol, or DHCP, which dynamically allocates IP addresses.
    And a jolly good time was had by all
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?
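
The first post describes an infected machine answering DHCP requests and handing out attacker-chosen DNS servers. The following is an added example, not part of the original thread or the linked article: a Python check that parses a raw DHCP reply payload and flags an unauthorized server identifier (option 54) or unexpected DNS servers (option 6). The addresses in the policy sets and the `sample_reply` helper are constructed assumptions.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"
# Assumed site policy (constructed values, not from the thread).
AUTHORIZED_DHCP = {"192.168.1.1"}
ALLOWED_DNS = {"192.168.1.1", "208.67.222.222", "208.67.220.220"}  # router + OpenDNS

def parse_options(payload):
    """Return {option_code: bytes} from a raw BOOTP/DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:    # 255 = End
        if payload[i] == 0:                          # 0 = Pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        opts[code] = opts.get(code, b"") + payload[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def ips(raw):
    """Decode a packed list of IPv4 addresses (4 bytes each)."""
    return [str(ipaddress.IPv4Address(raw[i:i + 4])) for i in range(0, len(raw) - 3, 4)]

def audit_reply(payload):
    """Findings for a DHCPOFFER (2) or DHCPACK (5); an empty list means clean."""
    opts = parse_options(payload)
    if opts.get(53) not in (b"\x02", b"\x05"):
        return []
    server = ips(opts.get(54, b""))
    findings = []
    if not server or server[0] not in AUTHORIZED_DHCP:
        findings.append("unauthorized DHCP server: " + (server[0] if server else "missing"))
    findings += ["unexpected DNS server: " + d for d in ips(opts.get(6, b"")) if d not in ALLOWED_DNS]
    return findings

def sample_reply(server, dns_list, msg_type=5):
    """Build a constructed DHCP reply payload for testing (not captured traffic)."""
    pack = lambda addrs: b"".join(ipaddress.IPv4Address(a).packed for a in addrs)
    dns = pack(dns_list)
    return (bytes([2]) + bytes(235) + MAGIC_COOKIE   # op=BOOTREPLY, zeroed header
            + bytes([53, 1, msg_type]) + bytes([54, 4]) + pack([server])
            + bytes([6, len(dns)]) + dns + bytes([255]))

if __name__ == "__main__":
    print(audit_reply(sample_reply("192.168.1.1", ["208.67.222.222"])))
    print(audit_reply(sample_reply("192.168.1.77", ["203.0.113.53"])))
```

In use, `audit_reply` would be fed the UDP payloads of DHCP replies seen on a monitoring host, with the two policy sets replaced by the site's real values.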

  2. #2
    Cheap Scotch Ron (AO's Filibustier)
    Join Date: Nov 2008
    Location: Swamps of Jersey
    Posts: 378
    While the article states that this virus is not widely circulated, it wreaked havoc at one of my clients. We didn't even know they had a problem until a credit card was stolen.

    Since it's a relatively small LAN, we decided to use static IP and DNS settings. This won't work for larger clients.

    The article mentions their preference for OpenDNS. I would be curious if any AO members have any experience with this.

    CSR
    In God We Trust....Everything else we backup.

  3. #3
    instronics (Antionline's Security Dude)
    Join Date: Dec 2002
    Posts: 901
    Quote: Originally posted by Cheap Scotch Ron
    While the article states that this virus is not widely circulated, it wreaked havoc at one of my clients. We didn't even know they had a problem until a credit card was stolen.

    Since it's a relatively small LAN, we decided to use static IP and DNS settings. This won't work for larger clients.

    The article mentions their preference for OpenDNS. I would be curious if any AO members have any experience with this.

    CSR
    I have set up OpenDNS at a client of mine. Seeing it was a free service and offered some nice extra features at no cost (such as filtering), we set up a public web cafe network to use OpenDNS as their ONLY DNS server.

    In our case it was mainly for the blacklists of sites. We filtered out known porn and phishing sites as well as some other disturbing categories. I have to say... that so far OpenDNS did their job pretty good.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"
