Feeds

back to article ISPs step in to supply DNSChanger safety net

The DNSChanger Working Group's replacement DNS servers were taken offline as scheduled on Monday, 9 July. However, rather than leaving an estimated 300,000 machines without internet services it seems that many ISP have configured their own substitute DNS servers, so that at least some pox-ridden machines still have a safety net …

COMMENTS

This topic is closed for new posts.

If it was up to me...

...I'd keep the DNS servers, for a limited period of time, up but redirect all requests to a page giving instructions on how to fix the problem. I see no reason to support infected machines indefinitely.

21
1
Paris Hilton

Re: If it was up to me...

Should have done this from Day One. In any case, I still cannot subscribe to the idea of putting in resources to keep infected machines operable. The sooner they "break" the sooner they'll be fixed.

Paris, long broken

3
1
Anonymous Coward

Re: If it was up to me...

I think you are right, the FBI shouldn't have even bothered in the first place.

"The sooner they break the sooner they get fixed"

EXACTLY!

3
1
Anonymous Coward

Some in Corporate news are reporting this as a false flag attack!

What a joke.

The MSM doesn't report TCPIP correctly -- ever.

For the PARANOID IDIOTS who actually are effected/infected.

1. REMOVE THE WORM OFF YOUR BOXEN

Use whatever method you want, I like D7 myself.

2. CALL YOUR ISP AND GET YOUR PRIMARY AND SECONDARY DNS, GO TO NETWORK SETTINGS AND TYPE THEM IN.

Now you aren't using the FBI's DNS Server.

I know that's hard for you all to understand, especially with all the misinformation

( Where misinformation = http://www.google.com/search?q=DNS+changer+false+flag )

by the media.

1
5

Re: Some in Corporate news are reporting this as a false flag attack!

You appear to be confusing The Media with a few Internet conspiracy kooks.

0
0
Anonymous Coward

I stand corrected Chris3

Damn. Your right, what was I thinking.

Except, while looking closely, the information appears to be based on videos by local TV stations

Anyway, you are right I wasn't sure if I should have stated it

Where You =

instead of

Where Misinformation =

The truth is I didn't want to point at specific websites, because some of them have legit arguments of other topics on them.

0
0
Silver badge
Thumb Down

Why?

Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why?

With all the publicity, if the idiots can't be bothered to sort themselves out let 'em burn.

4
1
Windows

two things

1. Last week I heard countless media stories completely misreporting this, that "all of these computers would lose their connection to the internet". !!?!?!?!?!? OH NOOOEEEESS?!?!?!?!?!?

2. For as many ISP's that would like to do the right thing and keep granny's infected box running, you'd think that Microsoft, or Dell, or HP, would buy up the IP addresses and redirect everyone to a page telling them that their computer was broken and to buy a new one ASAP!?!?! I bet they spend a lot more money shifting 300,000 PC's, this would be cheap advertising.

I completely agree that if those things aren't fixed by now then screw 'em. If all of this crap reporting hasn't triggered people into doing something then it is pretty unlikely that they're going to wake up with a clue at this point.

0
0
Anonymous Coward

Re: two things

"keep granny's infected box running"

ewwwwwwwww!

3
1
Bronze badge
Holmes

not really the users they care about

It seems they're not doing this to support the poor dear users who won't be able to use facebook, but because the ISPs don't want to handle the support calls.

0
1
Flame

Re: not really the users they care about

Why should the ISP be on the hook for cleaning up someones virus ridden POS anyhow?

1
1
FAIL

Re: Re: not really the users they care about

No one said that the ISP is on the hook. But that won't stop users from calling them anyway.

0
0
Bronze badge

Taper them off

They know the IPs of the infected users so why not have each ISP cut off a few people each day (just have a shell script that adds 10-15 address to the firewall each day) then deal with the calls of people that no longer have a connection. Tech support will not be overwhelmed if done properly and they will no longer have to run these servers. Done right, it will be very painless and the most they'd need is one more Support Drone for a couple months.

2
0
Silver badge
Stop

Shut down, turn off

Find the box it came in

Return

0
0

Seriously?

>>3 support calls?

Seriously? 3? A whole THREE support calls. Gees. Not three hundred, or a three thousand, but three?

0
0
IT Angle

What doesn't appear broken never gets fixed

Sigh.... while I can understand wanting to "help" customers by making sure they have access.... these machines are likely ridden with other spy/malware and the user is likely completely unaware "because everything works as normal".

If the ISP's really wanted to help, offer tech support calls who'll come and try and fix the infection for you. Yeah right, and then get sued because someones photos no longer open or something absurd like that. I know :(

4
0
Boffin

I think the biggest problem to overcome is people who don't understand what the problem is. So the temporary DNS servers get switch off and they can no longer resolve hostnames. How many will just assume it's another virus and buy something like Norton, or just ignore it? Their ISP may well email them to say what to do, but those are very easy to spoof judging by all the spam "your mailbox has exceeded its limits" emails I get. El Reg obviously has quite a technically aware audience but I know some people think everything hangs off Google and even type URLs into the search box. Trying to explain the vagaries of DNS and DHCP to them can be very difficult. Personally I'd write to infected customers using ye olde paper letters complete with illustrated step-by-step instructions on how to find and fix the problem, and then have a helpline number if they get stuck.

0
0
Pint

My wife types urls in the google box.... she knows she shouldn't/doesn't need to but she does it because thats where the cursor is to start with...

Interestingly I found this means she hardly ever manages to typo a url as google will suggest the correct one pretty swiftly, and they do at least "try" and filter out bad pages too :)

1
0
Anonymous Coward

Probably better to not prolong the problem

IMO it would be better to fix the contaminated PCs now.

0
0
This topic is closed for new posts.