Use of Rogue DNS Servers on Rise
physorg.com — They're called "servers that lie." Mendacious machines controlled by hackers that reroute Internet traffic from infected computers to fraudulent Web sites are increasingly being used to launch attacks, according to a paper published this week by researchers with the Georgia Institute of Technology and Google Inc.
- 591 diggs
- tringtring, on 02/15/2008, -7/+2 Looks like soon DNS will be = Do Not Steal
- weeeezzll, on 02/15/2008, -0/+1 Hope this doesn't end up like the SPAM email situation... *sigh*
- Laiden, on 02/15/2008, -0/+1 What? No it won't.
- Y0tsuya, on 02/15/2008, -12/+5 Good thing I run my own DNS server, behind a firewall.
- Dokument, on 02/15/2008, -1/+9 yeah... I think you are missing something there.
- wesw02, on 02/15/2008, -1/+1 Is your server magic?
- fogster, on 02/15/2008, -0/+5 Did you read the article? The problem is that client PCs are being (maliciously) reconfigured to use DNS servers returning bogus results, to steal their traffic.
Your firewalled DNS server won't do you any good when your clients are reconfigured to not use it.
- angusm, on 02/15/2008, -3/+33 This hideous threat to the Internet brought to you by ... owned Windows boxes. Again.
On the bright side, if you're able to adequately secure your own machine, you should be fairly safe (unless your upstream DNS provider gets owned, but that's a different matter). The people who are at risk from this are those who allow their insecure boxes to get infected by something that messes with the DNS config. Of course that could potentially happen to anyone. Given the existence of zero-day exploits in most OS's, even the penguin-fanciers and fruit-fanatics may not get to feel smug indefinitely.
- lohwengk, on 02/15/2008, -7/+0 It's not just the Windows users at risk, you know. Not everyone lives in the US. The rest of us are stuck with DNS provided by service providers who are reputed to be a few years behind the technology curve. This means that even Mac and Linux users are at risk.
- Damien79, on 02/15/2008, -1/+2 what are you, a ***** echo?
- dbr_onix, on 02/15/2008, -0/+2 Well, this is hardly a new thing. Viruses have been hijacking websites, well, for as long as spy/adware has been around.
It's also not really a problem. It only affects you if your computer has some kind of virus - in which case you are *always* going to have problems like this. It doesn't even have to screw with the DNS server configuration - it could just edit the /etc/hosts file to point any domain-name to any IP address, and Mr Evil Hacker wouldn't have to worry about running a DNS server
- jabberwolf, on 02/15/2008, -0/+1 Um DNS spoofing can be done by any server not just MS dumbass. It's DNS redirection, it all depends what servers you trust to tell the truth, whether they be MS UNIX or OTHER.
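An added example, not part of the original thread: on a Unix-like client, the two changes described in fogster's and dbr_onix's comments (a swapped resolver and an edited /etc/hosts) can be audited by comparing both files against what you expect. The allowed resolver address, the `.corp.example` suffix and the sample file contents below are constructed assumptions.

```python
import ipaddress

# Constructed sample inputs (documentation address ranges, not real indicators).
SAMPLE_RESOLV_CONF = """\
# generated by dhcp client
nameserver 192.0.2.53
nameserver 203.0.113.66
search corp.example
"""
SAMPLE_HOSTS = """\
127.0.0.1     localhost
::1           localhost ip6-localhost
198.51.100.7  www.bank.example login.bank.example  # unexpected pin
192.0.2.10    fileserver.corp.example
"""

def strip_comment(line):
    """Drop a trailing '#' comment and surrounding whitespace."""
    return line.split("#", 1)[0].strip()

def unexpected_nameservers(resolv_conf_text, allowed):
    """Return nameserver entries that are not in the allowed set."""
    allowed_ips = {ipaddress.ip_address(a) for a in allowed}
    found = []
    for line in resolv_conf_text.splitlines():
        fields = strip_comment(line).split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            try:
                ip = ipaddress.ip_address(fields[1])
            except ValueError:
                found.append(fields[1])  # a malformed entry is worth flagging too
                continue
            if ip not in allowed_ips:
                found.append(str(ip))
    return found

def unexpected_host_pins(hosts_text, allowed_suffixes=("localhost", ".corp.example")):
    """Return (name, address) pairs pinning a name outside the allowed suffixes."""
    pins = []
    for line in hosts_text.splitlines():
        fields = strip_comment(line).split()
        if len(fields) < 2:
            continue
        address, names = fields[0], fields[1:]
        pins += [(n, address) for n in names if not n.lower().endswith(allowed_suffixes)]
    return pins

if __name__ == "__main__":
    print(unexpected_nameservers(SAMPLE_RESOLV_CONF, {"192.0.2.53"}))
    print(unexpected_host_pins(SAMPLE_HOSTS))
```

To audit a live machine, pass the contents of `/etc/resolv.conf` and `/etc/hosts` in place of the samples; resolvers pushed by DHCP have to be in the allowed set or they will be reported.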
- wwnexc, on 02/15/2008, -2/+8 Just do not always log in as root / administrator. This will greatly reduce your chances of becoming a victim.
- fogster, on 02/15/2008, -6/+2 Tell that to the average Windows user, whose computer already has hundreds of viruses on it.
- Meatshield, on 02/15/2008, -0/+4 Not going to cut it on some Windows versions sadly. You can either easily elevate with the right permissions (which malicious and smart coders could manage) or have no "admin" and all users are such.
Or, even better, it could sleep until it notices you got on as admin (for Ubuntu Linux if you were to install some software with sudo for example) and then be unleashed in a Trojan horse style.
Hackers are always one step ahead. There's not a real good way to get around it. You just have to do everything you can to keep up.
- bobbob1016, on 02/15/2008, -0/+1 Hence the reason I run anti-viruses on my Mac and Linux, ClamAV, free, and better than nothing, MUCH better than Norton.
- lohwengk, on 02/15/2008, -0/+2 Easier said than done. In my experience, too many programs from valid publishers insist that you need Administrator rights to install them.
- JAG731, on 02/15/2008, -0/+26 I just replaced my computer with an abacus - try hackin' that!
- InsaneMachine, on 02/15/2008, -0/+18 *Shifts some beads around.*
- mattmcm, on 02/15/2008, -0/+7 *Universe implodes.*
- yugiohdan6, on 02/15/2008, -1/+2 824680887 (convert to binary)
- yugiohdan6, on 02/15/2008, -1/+2 nevermind... the number should have been MUCH larger than that...
that number was supposed to be the decimal representation of 001100010010011110100001101101110011
- myunamewastaken, on 02/15/2008, -1/+2 001110000011001000110100001101100011100000110000001110000011100000110111
- TremorX, on 02/15/2008, -1/+2 Axe + Finger = pwned ur *****
- scy1192, on 02/15/2008, -1/+10 OpenDNS uses open source so it's invincible... right!?
- ThreeDee912, on 02/15/2008, -0/+5 OpenDNS uses 5 redundant datacenters in various parts of the world, so if some go down, the rest will pick up the load. If they all fail, well...
- sporg, on 02/15/2008, -0/+9 Somehow I'm just not worried.
This just in: "Rogue Sea Gulls on the Rise"
Beach goers urged to protect their bags of chips.
- localhost6881, on 02/15/2008, -0/+14 root@127.0.0.1# nslookup 127.0.0.1
nameserver error - timeout contacting 127.0.0.1
nameserver error [this DNS entry has been deleted due to copyright infringement claim by Church of Scientology International]
- ORMEs, on 02/15/2008, -0/+1 One of the octets matched one of their Cult street address #'s ?
- void, on 02/15/2008, -0/+1 Too much build up for a bad punchline
- Laiden, on 02/15/2008, -0/+5 Why are you looking up my IP address?
- DestroyFascism, on 02/15/2008, -0/+1 Damn Pwnt my home server....
noob@localhost
- ORMEs, on 02/15/2008, -0/+11 A thousand Rick Rolls descend upon you
- dupswapdrop, on 02/15/2008, -0/+1 I use my old atari st to connect to the internet hack that!
- digitallysick, on 02/15/2008, -0/+2 Open DNS programmed in your router and your nix or apple box should be fine
- tcpip4lyfe, on 02/15/2008, -1/+1 The servers are a lie.
- philodygmn, on 02/15/2008, -0/+1 What we need is a one-way direct-link trust system like PGP. What a named address means to you should be up to _you_, just like tags and search terms' meanings should be. End single-namespace tyranny!
http://web.mac.com/dynamist/iWeb/dynamist/ideas/A0 ...
- pigfister, on 02/15/2008, -1/+2 OOOOOO scare monger tactics, don't use openDNS ppl let your government block the web and restrict freedom of speech instead!
- DestroyFascism, on 02/15/2008, -0/+2 But we should give up our freedoms for security, just like the chick in England stated on Freedom to Fascism.
(Rolls eyes)
- ThreeDee912, on 02/28/2008, -0/+1 replied to wrong post. bury... :-/
- Closeminded5228, on 02/15/2008, -0/+1 Rogue DNS Servers? Awesome! They'll go well with my t-shirt! http://tinyurl.com/3by3ho
