Gentoo Archives: gentoo-user

From: Mike Edenfield <kutulu@××××××.org>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Somewhat OT: Any truth to this mess?
Date: Sat, 18 Feb 2012 16:37:09
Message-Id: 4F3FD33A.90605@kutulu.org
In Reply to: [gentoo-user] Somewhat OT: Any truth to this mess? by Dale
On 2/18/2012 5:26 AM, Dale wrote:
> Howdy,
>
> I ran across this and thought it was a joke. Did a news search and sure
> enough, it is reported in lots of places. Random linky:
>
> http://www.dailymail.co.uk/news/article-2102856/Will-FBI-shut-Internet-March-8-virus-concerns.html?ito=feeds-newsxml
>
> Is there any truth to this mess? My bigger and better question, how is
> shutting down the internet going to fix this? When the net comes back
> up, they are still going to be infected. Right?

As usual, the headline has things completely backwards; if
you actually read the article and ignore the headline you
will get something closer to reality:

* There is a fairly large botnet that works by hijacking the
DNS settings of the machines it infects, and redirecting
them to rogue DNS servers.

* The rogue DNS servers resolve all DNS requests by
returning the IPs of various scam sites etc. that the botnet
owners get paid for.

* The FBI and the Dutch national police stepped in and
arrested those in charge of the botnet.

* 120 days ago -- Nov 8 -- they dismantled the botnet's core
network and replaced the rogue DNS servers with legitimate
ones serving legitimate DNS zone information.

* On March 8 the FBI will turn off their stand-in DNS servers.

If you aren't infected by this botnet you won't notice
anything. If you are still infected by this botnet your DNS
servers will vanish (and, in theory, someone could step in
and replace them, depending on what happens to the allocated
IPs).

--Mike
