FBI might shutdown the Internet on March 8
A malware family known as the DNSChanger trojan, associated with the founder of the now shutdown ESTDomains, also has malicious DNS servers.
The malicious DNS servers may come down on 3/8/12 but that does NOT mean the Internet will be shutdown.
What Does DNSChanger Do to My Computer?
DNSChanger malware causes a computer to use rogue DNS servers in one of two ways.
First, it changes the computer’s DNS server settings to replace the ISP’s good DNS servers
with rogue DNS servers operated by the criminal. Second, it attempts to access devices on
the victim’s small office/home office (SOHO) network that run a dynamic host configuration
protocol (DHCP) server (eg. a router or home gateway). This is a change that may impact all computers on the SOHO network, even if those computers are not infected with the malware.
Am I Infected?
You can check it from here :
Checking the Computer:
1)If you are using a Windows computer, open a command prompt. This can be done by
selecting Run from the Start Menu and entering cmd.exe
2)Write This command ipconfig /all on command prompt
3)Look for the entry that reads “DNS Servers”
The numbers on this line and the line(s) below it are the IP addresses for your DNS server
These numbers are in the format of 000.000.000.000, where 000 is a number in the range
of 0 to 255. Make note of the IP addresses for the DNS servers and compare them to the
Rogue DNS Servers from table :
85.255.112.0 through 85.255.127.255
If your computer is configured to use one or more of the rogue DNS servers, it may b
infected with DNSChanger malware.
if your DNS servers do not start with 85, 67, 93, 77, 213, or 64, you can move on to the next step
4)Home computers with high-speed Internet connections and office computers typically obtain
their IP settings via DHCP from a device on the network.
In these cases, the computers are provided with an IP address, default gateway, and DNS server settings.
The IP addresses usually fall into one of three ranges of private addresses :
In most homes, computers
are assigned an IP address in the range 192.168.1.2 to 192.168.1.254, and the default
gateway and DNS servers are set to 192.168.1.1.
5)Now If your dns server is not in the above range then it might fall in faulty range
DNS Faulty Server Range Given Below
64.28.176.0 to 64.28.191.255
67.210.0.0 to 67.210.15.255
77.67.83.0 to 77.67.83.255
85.255.112.0 to 5.255.127.255
93.188.160.0 to 3.188.167.255
213.109.64.0 to 13.109.79.255
If your computer is configured to the above given range then it is effected.
For More Info You Can Visit : check-to-see-if-your-computer-is-using-rogue-DNS
A malware family known as the DNSChanger trojan, associated with the founder of the now shutdown ESTDomains, also has malicious DNS servers.
The malicious DNS servers may come down on 3/8/12 but that does NOT mean the Internet will be shutdown.
What Does DNSChanger Do to My Computer?
DNSChanger malware causes a computer to use rogue DNS servers in one of two ways.
First, it changes the computer’s DNS server settings to replace the ISP’s good DNS servers
with rogue DNS servers operated by the criminal. Second, it attempts to access devices on
the victim’s small office/home office (SOHO) network that run a dynamic host configuration
protocol (DHCP) server (eg. a router or home gateway). This is a change that may impact all computers on the SOHO network, even if those computers are not infected with the malware.
Am I Infected?
You can check it from here :
Checking the Computer:
1)If you are using a Windows computer, open a command prompt. This can be done by
selecting Run from the Start Menu and entering cmd.exe
2)Write This command ipconfig /all on command prompt
3)Look for the entry that reads “DNS Servers”
The numbers on this line and the line(s) below it are the IP addresses for your DNS server
These numbers are in the format of 000.000.000.000, where 000 is a number in the range
of 0 to 255. Make note of the IP addresses for the DNS servers and compare them to the
Rogue DNS Servers from table :
85.255.112.0 through 85.255.127.255
67.210.0.0 through 67.210.15.255
93.188.160.0 through 93.188.167.255
77.67.83.0 through 77.67.83.255
213.109.64.0 through 213.109.79.255
64.28.176.0 through 64.28.191.255
213.109.64.0 through 213.109.79.255
64.28.176.0 through 64.28.191.255
If your computer is configured to use one or more of the rogue DNS servers, it may b
infected with DNSChanger malware.
if your DNS servers do not start with 85, 67, 93, 77, 213, or 64, you can move on to the next step
4)Home computers with high-speed Internet connections and office computers typically obtain
their IP settings via DHCP from a device on the network.
In these cases, the computers are provided with an IP address, default gateway, and DNS server settings.
The IP addresses usually fall into one of three ranges of private addresses :
192.168.0.0 to 192.168.255.255;
172.16.0.0 to 172.31.255.255;
10.0.0.0 to 10.255.255.255.
In most homes, computers
are assigned an IP address in the range 192.168.1.2 to 192.168.1.254, and the default
gateway and DNS servers are set to 192.168.1.1.
5)Now If your dns server is not in the above range then it might fall in faulty range
DNS Faulty Server Range Given Below
64.28.176.0 to 64.28.191.255
67.210.0.0 to 67.210.15.255
77.67.83.0 to 77.67.83.255
85.255.112.0 to 5.255.127.255
93.188.160.0 to 3.188.167.255
213.109.64.0 to 13.109.79.255
If your computer is configured to the above given range then it is effected.
For More Info You Can Visit : check-to-see-if-your-computer-is-using-rogue-DNS
No comments:
Post a Comment