Jump to content

Dot virus

Dalucius

By Dalucius
in The Bar

 Share

Recommended Posts

mrsswordfisherman SWORDFISH

mrsswordfisherman

Posted
Posted

If a news or morning show warn of a virus it's just the usual misinformation scare campaign.

This is a government website that officially sent this stuff out not just a morning show.

ACMA MEDIA RELEASE

This DNSChanger Diagnostic is a joint Australian Government initiative between:

If you learned IT guys know something different then please share it with us :thumbup::biggrin2:

Link to comment
Share on other sites
The Incredible Hull SNAPPER

The Incredible Hull

Posted
Posted

This is a government website that officially sent this stuff out not just a morning show.

ACMA MEDIA RELEASE

This DNSChanger Diagnostic is a joint Australian Government initiative between:

If you learned IT guys know something different then please share it with us :thumbup::biggrin2:

No worries Donna :biggrin2:

The internet is made up of DNS servers and routers.

Its pretty much exactly the same as your home network, where you have a single router, sharing an internet connection with other pc's. Some home connections, may have more than 1 router, making their network larger (i.e. WAN). The internet is the exact same thing, just with millions of routers + dns servers. For those that you who don't know, put simply, a DNS server is something that resolves an IP address to a name. So for instance, www.fishraider.com is resolved from 208.87.35.107. This also also dependant on your ISP's dns server.

The internet is made up of millions of DNS servers, most are from ISP's, although some people like myself, have their own DNS server - it can be setup using LDAP but I won't go into that.

In a nutshell, the story claims, there's a virus that somehow hacks ALL DNS servers across the globe. It's almost like saying, on Monday, I'm going to hack everyones computer on this planet... the odds of that happening, is so rare that I could win Powerball 50 times over - highly unlikely. :074:

I don't know if that made much sense to you guys :074: But I can assure you, its a huge scam or some sort of attention seeking advertisement from some doomsayer who has nothing to do with their spare time.

Link to comment
Share on other sites
PM79 MORWONG

PM79

Posted
Posted (edited)

This is a government website that officially sent this stuff out not just a morning show.

You can add government to my list of who to ignore when the word "virus" is mentioned.

Edited by reLapse
Link to comment
Share on other sites
mrsswordfisherman SWORDFISH

mrsswordfisherman

Posted
Posted

No worries Donna :biggrin2:

The internet is made up of DNS servers and routers.

Its pretty much exactly the same as your home network, where you have a single router, sharing an internet connection with other pc's. Some home connections, may have more than 1 router, making their network larger (i.e. WAN). The internet is the exact same thing, just with millions of routers + dns servers. For those that you who don't know, put simply, a DNS server is something that resolves an IP address to a name. So for instance, www.fishraider.com is resolved from 208.87.35.107. This also also dependant on your ISP's dns server.

The internet is made up of millions of DNS servers, most are from ISP's, although some people like myself, have their own DNS server - it can be setup using LDAP but I won't go into that.

In a nutshell, the story claims, there's a virus that somehow hacks ALL DNS servers across the globe. It's almost like saying, on Monday, I'm going to hack everyones computer on this planet... the odds of that happening, is so rare that I could win Powerball 50 times over - highly unlikely. :074:

I don't know if that made much sense to you guys :074: But I can assure you, its a huge scam or some sort of attention seeking advertisement from some doomsayer who has nothing to do with their spare time.

Thanks for sharing that with us all Hull, lets hope your predictions are correct.

I guess the FBI turning off their solution on 9th July has some worried. It is interesting it all co-incides with National Cyber Security Awareness Week :biggrin2:

Link to comment
Share on other sites
Dalucius SNAPPER

Dalucius

Posted
  • Author
Posted

Thanks for all that info :thumbup:.

I don't mind hearing of any proposed threats just in case they are correct.

It took me 2 seconds to check that I was not infected.

I bet PS3 wishes they had warning last year when they were off line for over a month due to hackers.

:icon_peace:

Link to comment
Share on other sites
Testlab WHITING

Testlab

Posted
Posted

TIH, I don't want to start an argument over DNS but your explanation is not correct with regard to how the DNSChanger bug operates. The warning is valid, not because the bug is going to strike on July 9 but because the FBI is shutting down a particular DNS server the bug works through.

The bug works by changing the settings in a computer or router so it looks at only the DNS server that was run by the criminal network. it doesn't matter how many millions of DNS servers there are in the world, if your computer has been infected and is set to look at only those servers about to be shut down then you will lose your Internet on that computer.

There are a few removal methods. So if someone loses their Internet after 9 July for no good reason, it could be DNSChanger and it needs to be checked for as soon as possible.

TIH, it doesn't matter if someone sets their DHCP to auto or manual as DNSChanger overwrites this at a system level and the visible settings look normal, it's only if looking at an ipconfig diagnostic can the problem be discovered. Whatever manual changes are put in place DNSChanger simply and invisibly overwrites them again.

This was a very clever bug, it also masquerades as a DHCP server to computers on a local area network. So it can serve bogus DNS settings to a subnet and all the computers on it. If it gets into computers that are on a subnet serving routers getting DNS via DHCP then those lower hierarchy networks will all be affected.

Sysops and Admins on major networks have for a long time been filtering and blocking the IP addresses for DNSChanger, so affected computers on major networks would have lost Internet connectivity as soon as the filter went on and removed from service when the user complained that's its not working.

It's real, it's not a beat up and it will affect a lot of people - not as many as perhaps portrayed in the media but nonetheless it will be a lot, most of whom have no idea about how or why their computer works other than plugging in the power cord and pressing 'on'. The most popular method of infection was a 'video codec download' required by malicious porn and warez sites.

Link to comment
Share on other sites
The Incredible Hull SNAPPER

The Incredible Hull

Posted
Posted

Rightio! If what you say is correct, it is still a very far fetched scenario... for this dooms day to come true, every single computer on this planet needs to be affected by this virus... yep I'd have better chances of winning the lottery. :074:

More to my point, everyone is making it sound like its the end of the world. It's just another pathetic virus, and ultimately if you have been infected by any virus's, its your own fault. I say this, because in the last few years, I have stopped running virus protection at home, cause you shouldn't click on stuff you don't know, or visit sites that aren't proprietary or copyright or well known etc.

Link to comment
Share on other sites
mrsswordfisherman SWORDFISH

mrsswordfisherman

Posted
Posted

TIH, I don't want to start an argument over DNS but your explanation is not correct with regard to how the DNSChanger bug operates. The warning is valid, not because the bug is going to strike on July 9 but because the FBI is shutting down a particular DNS server the bug works through.

The bug works by changing the settings in a computer or router so it looks at only the DNS server that was run by the criminal network. it doesn't matter how many millions of DNS servers there are in the world, if your computer has been infected and is set to look at only those servers about to be shut down then you will lose your Internet on that computer.

There are a few removal methods. So if someone loses their Internet after 9 July for no good reason, it could be DNSChanger and it needs to be checked for as soon as possible.

TIH, it doesn't matter if someone sets their DHCP to auto or manual as DNSChanger overwrites this at a system level and the visible settings look normal, it's only if looking at an ipconfig diagnostic can the problem be discovered. Whatever manual changes are put in place DNSChanger simply and invisibly overwrites them again.

This was a very clever bug, it also masquerades as a DHCP server to computers on a local area network. So it can serve bogus DNS settings to a subnet and all the computers on it. If it gets into computers that are on a subnet serving routers getting DNS via DHCP then those lower hierarchy networks will all be affected.

Sysops and Admins on major networks have for a long time been filtering and blocking the IP addresses for DNSChanger, so affected computers on major networks would have lost Internet connectivity as soon as the filter went on and removed from service when the user complained that's its not working.

It's real, it's not a beat up and it will affect a lot of people - not as many as perhaps portrayed in the media but nonetheless it will be a lot, most of whom have no idea about how or why their computer works other than plugging in the power cord and pressing 'on'. The most popular method of infection was a 'video codec download' required by malicious porn and warez sites.

Thanks Testlab :thumbup:

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...