Half Million People could lose Internet in the coming weeks.


applepansy

Does anyone know anything about this? This is the first I've heard about it.

Half Million People Could lose Internet in the coming weeks.

This kind of thing has been going on for a while. Normally they just shut down rogue DNS servers, but it seems this was big enough to put legitimate DNS servers in their place for a period of time.

If anyone is infected however, it's easy to fix, taking a matter of seconds. Any network/computer technician worth their salt will know exactly what's wrong.

Most people with a bog standard setup at home that has the issue just need to go to their command prompt (cmd) and type:

netsh interface ip set dns "local area connection" static 8.8.8.8

and

netsh interface ip set dns "wireless network connection" static 8.8.8.8

Not to worry... It doesn't apply to Macs

Ahh, this pretend world is so blissful :)

Back into the real world however, Macs are affected because if any routers that OSX/Macs get their DNS information from are affected, this will propagate to the Mac, and you'll have the same problems anyone else would.

Link to comment
Share on other sites
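A way to check which resolvers a Windows machine is actually using before or after running the `netsh` commands above. This is an added example, not part of the original posts: it parses `ipconfig /all` text (English-locale layout assumed) and flags any DNS server that is not on an expected list. The sample output, the `203.0.113.53` address and the function names are constructed for illustration.

```python
import ipaddress
import re

# Expected resolvers: the Google addresses quoted in the thread. Add your own
# router or ISP resolvers here (site-specific assumption).
EXPECTED = {ipaddress.ip_address(a) for a in ("8.8.8.8", "8.8.4.4")}

# Constructed `ipconfig /all` excerpt; 203.0.113.53 is a documentation address.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
"""

def dns_servers(text):
    """Return {adapter: [resolver addresses]} parsed from `ipconfig /all` text."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter, in_dns = line.rstrip()[:-1], False  # adapter header line
            continue
        m = re.match(r"\s+DNS Servers[ .]*:\s*(\S+)", line)
        if m:
            value, in_dns = m.group(1), True
        elif in_dns and line.strip() and " : " not in line:
            value = line.strip()  # continuation line carrying one more address
        else:
            in_dns = False
            continue
        try:
            addr = ipaddress.ip_address(value.split("%")[0])  # drop zone id
        except ValueError:
            continue  # not an address; ignore
        result.setdefault(adapter, []).append(addr)
    return result

def unexpected_resolvers(text, expected=EXPECTED):
    """Return {adapter: [addresses]} for resolvers missing from `expected`."""
    flagged = {a: [str(ip) for ip in ips if ip not in expected]
               for a, ips in dns_servers(text).items()}
    return {a: ips for a, ips in flagged.items() if ips}
```

An empty result from `unexpected_resolvers` means every adapter points only at resolvers on the list; a home machine that takes DNS from its router will show the router's address until that is added to `EXPECTED`.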

Who uses the DNS info handed out by their ISP anyways? I know, most people... still... Better options exist such as OpenDNS- not only do they offer some parental control, but they also can correct typos- your own ISP (probably) uses a typo as a way to bombard you with ads- OpenDNS just sends you to where you probably intended to go.

Link to comment
Share on other sites

Who uses the DNS info handed out by their ISP anyways? I know, most people... still... Better options exist such as OpenDNS- not only do they offer some parental control, but they also can correct typos- your own ISP (probably) uses a typo as a way to bombard you with ads- OpenDNS just sends you to where you probably intended to go.

Those people that don't know what DNS is will end up using their ISP's DNS :P

I tend to use Google's DNS to be honest, for the simple reason that it's easier to remember the IPv4 address (8.8.8.8, 8.8.4.4)

Link to comment
Share on other sites

Those people that don't know what DNS is will end up using their ISP's DNS :P

I tend to use Google's DNS to be honest, for the simple reason that it's easier to remember the IPv4 address (8.8.8.8, 8.8.4.4)

Some of the root DNS servers are easy to remember too- 4.2.2.2 4.2.2.1

I'm sure they're horrible and impossible to remember in IPv6 land.

Link to comment
Share on other sites

Some of the root DNS servers are easy to remember too- 4.2.2.2 4.2.2.1

I'm sure they're horrible and impossible to remember in IPv6 land.

[JAG gets lost in a cloud of ones and zeros]

OK, can someone please give me a quick primer on what IPv6 is and the basic relationship between DNS servers, proxy servers, and IPs?

Thanks--

Link to comment
Share on other sites

How many are affected with DnsChanger

To be completely accurate, DnsChanger is a virus targeting DNS servers, not individual computers. If your DNS server is rogue, your last line of defense is your web browser, which (especially now) is mostly OS-Independent.

Although, it is a bit harder to go from corrupted web browser to corrupted OS on a mac. ;)

Link to comment
Share on other sites

Let's see if you can back up your sarcasm

How many Macs are infected with DnsChanger?

Let's see if you understood my comment... do you know how DNS works, or what it is?

DNS servers work in a hierarchy system, if any of the DNS servers that your mac relies on are infected, it's irrelevant what operating system you use, hence, macs will have the same problems as any other operating system.

Link to comment
Share on other sites

Let's see if you understood my comment... do you know how DNS works, or what it is?

Yup. The DoughNut Shop works like this- I pull up, order, drive away with hot good from the DNS. Some have sprinkles, some are chocolate old fashioned, and some are glazed. As for what it is... that's self explanatory.

Link to comment
Share on other sites

Yup. The DoughNut Shop works like this- I pull up, order, drive away with hot good from the DNS. Some have sprinkles, some are chocolate old fashioned, and some are glazed. As for what it is... that's self explanatory.

Can you get

?
Link to comment
Share on other sites

To be completely accurate, DnsChanger is a virus targeting DNS servers, not individual computers. If your DNS server is rogue, your last line of defense is your web browser, which (especially now) is mostly OS-Independent.

Although, it is a bit harder to go from corrupted web browser to corrupted OS on a mac. ;)

It can affect systems in any role to be honest, whether DNS servers or end user systems - all it does is change the IP address of the DNS server where it gets records that it doesn't know about from. Although the modifications the trojan would have to make to the system on a DNS server would be a little different in a lot of cases.

Link to comment
Share on other sites

[JAG gets lost in a cloud of ones and zeros]

OK, can someone please give me a quick primer on what IPv6 is and the basic relationship between DNS servers, proxy servers, and IPs?

Thanks--

IP addresses are how computers know each other. What a DNS server does is convert names into IP addresses. A computer doesn't know where http://www. hypothetical.com is, so it asks a DNS server, a DNS server converts http://www. hypothetical.com into 72.14.204.138 which a computer can use.

Now the whole IPv6 versus IPv4 (and thus the comment about remembering). The "72.14.204.138" is an example IPv4 address, relatively easy to remember (particularly with the examples of DNS servers given). An example IPv6 address would look like 2001:0db8:85a3:0000:0000:8a2e:0370:7334. Much more difficult to remember.

Though they can be abbreviated to my knowledge. Wikipedia gives these rules:

Rule one: Leading zeroes within a 16-bit value may be omitted.

Rule two: One group of consecutive zeroes within an address may be replaced by a double colon.

So 2001:0db8:85a3:0000:0000:8a2e:0370:7334 becomes 2001:db8:85a3::8a2e:370:7334 . Still not as easy to remember.

Edited by Dravin
Link to comment
Share on other sites

[JAG gets lost in a cloud of ones and zeros]

OK, can someone please give me a quick primer on what IPv6 is and the basic relationship between DNS servers, proxy servers, and IPs?

Thanks--

Furthering what Dravin has said, IPv6 has been created to replace IPv4 due to the massive shortage of IPv4. IPv4 was not designed to cope with a network with as many clients as the internet. The integration of IPv6 and IPv4 and eventual removal of IPv4 is not an operation I would want to oversee.

DNS servers are only needed because people find it difficult to remember IP addresses. So instead they type a domain name (www . google . com) and a DNS server will convert it into an IP address.

This is only external (internet) DNS servers of course... internal servers are similar but not quite the same.

Proxy servers are essentially any server that sits between your computer and the server (e.g. webserver) you are trying to connect to, and the proxy server connects to the website on behalf of your computer. So the webserver doesn't see the IP address of your computer connecting to it, instead it sees the IP address of the proxy server, which then directs all the data packets back to your computer. The router you most likely use in your house for your domestic internet connection is essentially a proxy server - webservers don't see your computer connecting to them, they just see your router. Routers and proxies are different but for the purposes of this discussion they are practically the same.

People also use proxy servers to make it harder for people to trace over the internet... e.g. I might connect to a proxy server in China to attack a webserver in The Netherlands. This way, the server I attacked only knows the server in China attacked it, it has no idea it was originally coming from me.

Edited by Mahone
Link to comment
Share on other sites

So, lemme see if I have this right:

All computers have their own unique identifier - an IP address.

My ISP has its own "DNS server" - basically, like a "phone book". It reads the web address I type into my browser, and figures out which computer I'm really trying to access.

So if I use OpenDNS, my own IP address won't change; I'm just using a different phone book. It might be a better phone book--making my browsing slightly faster--and I can also use it to filter my computer; although a knowledgeable user could get into my router/modem and reset the DNS settings to the ISP's default and thus skirt the filtering.

I hear online about people using "proxy servers", and the main reason for doing this would be to hide one's own computer's IP address. However, I imagine you'd want to be very careful about which proxy you use for that purpose; since I imagine some of them can be reverse-hacked to see who has been using them. (The main purpose I've heard for using proxies is to access web content that's theoretically not supposed to be available in your own country--say, accessing a BBC broadcast on the corporation's UK website from the USA--although this kind of thing is of questionable legality.)

Correct?

Edited by Just_A_Guy
Link to comment
Share on other sites

Now, how does a proxy server focus into this? Doesn't it basically hide my own computer's IP address?

It can, but more often than not they're used to cache information- so if two people go to Google through a proxy server, the first time the proxy saves the webpage content- the second person who accesses Google receives a cached copy, reducing the utilization of the internet connection.

Link to comment
Share on other sites

It can, but more often than not they're used to cache information- so if two people go to Google through a proxy server, the first time the proxy saves the webpage content- the second person who accesses Google receives a cached copy, reducing the utilization of the internet connection.

So, a proxy server is primarily used by the content provider to provide data more efficiently to its users; but someone on the other end can also use a proxy server for anonymity?

Link to comment
Share on other sites

It can, but more often than not they're used to cache information- so if two people go to Google through a proxy server, the first time the proxy saves the webpage content- the second person who accesses Google receives a cached copy, reducing the utilization of the internet connection.

They are also used for network filters, especially on corporate networks. If you're using a corporate network, you will also certainly be using an internal proxy server for this purpose, and caching :)

Link to comment
Share on other sites

So, a proxy server is primarily used by the content provider to provide data more efficiently to its users; but someone on the other end can also use a proxy server for anonymity?

Domestic ISPs can and do use proxy servers sometimes for this purpose (they often make it optional because proxy servers can cause problems), but more commonly proxy servers are internal parts of large corporate networks.

Edited by Mahone
Link to comment
Share on other sites

How many are affected with DnsChanger

A little bit of research (cnet linky) and wah-la! Information!

Quote from article:

"The Mac variants of the malware, found starting in 2008, were known as OSX.RSPlug.A, OSX/Puper, and OSX/Jahlav-C. These have been distributed through pornographic Web sites disguised as required video codecs for QuickTime, and as with the Windows versions, when installed the Trojan would change the system's DNS settings to servers that would redirect legitimate Web URLs to malicious sites."

Link to comment
Share on other sites

Let's see if you understood my comment... do you know how DNS works, or what it is?

DNS servers work in a hierarchy system, if any of the DNS servers that your mac relies on are infected, it's irrelevant what operating system you use, hence, macs will have the same problems as any other operating system.

Does that mean you don't know or just don't want to answer?

Link to comment
Share on other sites

Does that mean you don't know or just don't want to answer?

Does that mean you still don't understand my comment?

I'm not going to answer irrelevant questions. I suggest you research dns servers, and how they work in a hierarchy, starting from root dns servers. If you think your question is relevant, can you explain how?

Link to comment
Share on other sites
