-
December 7th, 2008, 05:42 PM
#1
Mass DNS Hijacks
Researchers have identified a new trojan that can tamper with a wide array of devices on a local network, an exploit that sends them to impostor websites even if they are hardened machines that are fully patched or run non-Windows operating systems.
Article is here:
http://www.theregister.co.uk/2008/12...anger_hijacks/
According to researchers with anti-virus provider McAfee's Avert Labs, the update allows a single infected machine to pollute the DNS settings of potentially hundreds of other devices running on the same local area network by undermining its dynamic host configuration protocol, or DHCP, which dynamically allocates IP addresses.
And a jolly good time was had by all
-
December 8th, 2008, 11:15 AM
#2
While the article states that this virus is not widely circulated, it wreaked havoc at one of my clients. We didnt even know they had a problem until a credit card was stolen.
Since it's a relatively small LAN, we decided to use static IP and DNS settings. This wont work for larger clients.
The article mentions their preference for OpenDNS. I would be curious if any AO members have any experience with this.
CSR
In God We Trust....Everything else we backup.
-
December 8th, 2008, 11:26 AM
#3
Originally Posted by Cheap Scotch Ron
While the article states that this virus is not widely circulated, it wreaked havoc at one of my clients. We didnt even know they had a problem until a credit card was stolen.
Since it's a relatively small LAN, we decided to use static IP and DNS settings. This wont work for larger clients.
The article mentions their preference for OpenDNS. I would be curious if any AO members have any experience with this.
CSR
I have setup openDNS at a client of mine. Seeing it was a free service and offered some nice extra features at no cost (such as filtering) we set up a public web cafe network to use openDNS as their ONLY dns server.
In our case it was mainly for the blacklists of sites. We filtered out known porn and phishing sites aswell as some other disturbing categories. I have to say.. that so far openDNS did their job pretty good.
Ubuntu-: Means in African : "Im too dumb to use Slackware"
Similar Threads
-
By Negative in forum General Computer Discussions
Replies: 3
Last Post: October 19th, 2008, 04:20 PM
-
By mathgirl32 in forum Cosmos
Replies: 35
Last Post: May 17th, 2005, 12:20 AM
-
By OverdueSpy in forum Cosmos
Replies: 2
Last Post: September 21st, 2004, 04:30 AM
-
By clintonsucks in forum Cosmos
Replies: 34
Last Post: October 21st, 2003, 10:24 PM
-
By KOBBRAS in forum Miscellaneous Security Discussions
Replies: 0
Last Post: February 23rd, 2002, 10:16 PM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|