Results 1 to 3 of 3

Thread: Mass DNS Hijacks

  1. #1
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188

    Mass DNS Hijacks

    Researchers have identified a new trojan that can tamper with a wide array of devices on a local network, an exploit that sends them to impostor websites even if they are hardened machines that are fully patched or run non-Windows operating systems.
    Article is here:

    http://www.theregister.co.uk/2008/12...anger_hijacks/

    According to researchers with anti-virus provider McAfee's Avert Labs, the update allows a single infected machine to pollute the DNS settings of potentially hundreds of other devices running on the same local area network by undermining its dynamic host configuration protocol, or DHCP, which dynamically allocates IP addresses.
    And a jolly good time was had by all

  2. #2
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378
    While the article states that this virus is not widely circulated, it wreaked havoc at one of my clients. We didnt even know they had a problem until a credit card was stolen.

    Since it's a relatively small LAN, we decided to use static IP and DNS settings. This wont work for larger clients.

    The article mentions their preference for OpenDNS. I would be curious if any AO members have any experience with this.

    CSR
    In God We Trust....Everything else we backup.

  3. #3
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    Quote Originally Posted by Cheap Scotch Ron View Post
    While the article states that this virus is not widely circulated, it wreaked havoc at one of my clients. We didnt even know they had a problem until a credit card was stolen.

    Since it's a relatively small LAN, we decided to use static IP and DNS settings. This wont work for larger clients.

    The article mentions their preference for OpenDNS. I would be curious if any AO members have any experience with this.

    CSR
    I have setup openDNS at a client of mine. Seeing it was a free service and offered some nice extra features at no cost (such as filtering) we set up a public web cafe network to use openDNS as their ONLY dns server.

    In our case it was mainly for the blacklists of sites. We filtered out known porn and phishing sites aswell as some other disturbing categories. I have to say.. that so far openDNS did their job pretty good.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

Similar Threads

  1. Mass email solution?
    By Negative in forum General Computer Discussions
    Replies: 3
    Last Post: October 19th, 2008, 04:20 PM
  2. Illegal Immigration - Help Save the USA!
    By mathgirl32 in forum Cosmos
    Replies: 35
    Last Post: May 17th, 2005, 12:20 AM
  3. Democrats Prepare for Mass Exodus!!!!
    By OverdueSpy in forum Cosmos
    Replies: 2
    Last Post: September 21st, 2004, 04:30 AM
  4. Does light have mass?
    By clintonsucks in forum Cosmos
    Replies: 34
    Last Post: October 21st, 2003, 10:24 PM
  5. Mass Icq hack ???
    By KOBBRAS in forum Miscellaneous Security Discussions
    Replies: 0
    Last Post: February 23rd, 2002, 10:16 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •