digg

Facebook Connect Join Digg About

Use of Rogue DNS Servers on Rise

physorg.com They're called "servers that lie." Mendacious machines controlled by hackers that reroute Internet traffic from infected computers to fraudulent Web sites are increasingly being used to launch attacks, according to a paper published this week by researchers with the Georgia Institute of Technology and Google Inc.

Who dugg this? Made popular Feb 15, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

42 Comments

show profanity settings
expand all
  • angusm, on 02/15/2008, -3/+33This hideous threat to the Internet brought to you by ... owned Windows boxes. Again.

    On the bright side, if you're able to adequately secure your own machine, you should be fairly safe (unless your upstream DNS provider gets owned, but that's a different matter). The people who are at risk from this are those who allow their insecure boxes to get infected by something that messes with the DNS config. Of course that could potentially happen to anyone. Given the existence of zero-day exploits in most OS's, even the penguin-fanciers and fruit-fanatics may not get to feel smug indefinitely.
  • JAG731, on 02/15/2008, -0/+26I just replaced my computer with an abacus - try hackin' that!
  • InsaneMachine, on 02/15/2008, -0/+18*Shifts some beads around.*
  • localhost6881, on 02/15/2008, -0/+14root@127.0.0.1# nslookup 127.0.0.1
    nameserver error - timeout contacting 127.0.0.1
    nameserver error [this DNS entry has been deleted due to copyright infringement claim by Church of Scientology International]
  • ORMEs, on 02/15/2008, -0/+11A thousand Rick Rolls descend upon you
  • scy1192, on 02/15/2008, -1/+10OpenDNS uses open source so its invincible... right!?
  • inactive, on 02/15/2008, -0/+9Some how I'm just not worried.

    This just in " Rogue Sea Gulls on the Rise"

    Beach goers urged to protect their bags of chips.
  • Dokument, on 02/15/2008, -1/+9yeah... I think you are missing something there.
  • inactive, on 02/15/2008, -0/+7http://www.noob.us/entertainment/seagull-caught-st ...
  • mattmcm, on 02/15/2008, -0/+7*Universe implodes.*
  • wwnexc, on 02/15/2008, -2/+8Just do not always log in as root / administrator. This will greatly reduce your chances of becoming a victim.
  • fogster, on 02/15/2008, -0/+5Did you read the article? The problem is that client PCs are being (maliciously) reconfigured to use DNS servers returning bogus results, to steal their traffic.

    Your firewalled DNS server won't do you any good when your clients are reconfigured to not use it.
  • Laiden, on 02/15/2008, -0/+5Why are you looking up my IP address?
  • ThreeDee912, on 02/15/2008, -0/+5OpenDNS uses 5 redundant datacenters in various parts of the world, so if some go down, the rest will pick up the load. If they all fail, well...
  • Meatshield, on 02/15/2008, -0/+4Not going to cut it on some Windows versions sadly. You can either easily elevate with the right permissions (which malicious and smart coders could manage) or have no "admin" and all users are such.

    Or, even better, it could sleep until it notices you got on as admin (for Ubuntu Linux if you were to install some software with sudo for example) and then be unleashed in a Trojan horse style.

    Hackers are always one step ahead. There's not a real good way to get around it. You just have to do everything you can to keep up.
  • inactive, on 02/15/2008, -0/+2Open DNS programmed in your router and your nix or apple box should be fine
  • inactive, on 02/15/2008, -0/+2But we should give up our freedoms for security, just like the chick in England stated on Freedom to Fascism.


    (Rolls eyes)
  • lohwengk, on 02/15/2008, -0/+2Easier said than done. In my experience, too many programs from valid publishers insist that you need Administrator rights to install them.
  • dbr_onix, on 02/15/2008, -0/+2Well, this is hardly a new thing. Viruses have been hijacking websites, well, for as long as spy/adware has been around.

    It's also not really a problem.. It only effects you if your computer has some kind of virus - in which case you are *always* going to have problems like this. It doesn't even have to screw with the DNS server configuration - it could just edit the /etc/hosts file to point any domain-name to any IP address, and Mr Evil Hacker wouldn't have to worry about running a DNS server
  • yugiohdan6, on 02/15/2008, -1/+2nevermind... the number should have been MUCH larger than that...
    that number was supposed to be the decimal representation of 001100010010011110100001101101110011
  • yugiohdan6, on 02/15/2008, -1/+2824680887 (convert to binary)
  • weeeezzll, on 02/15/2008, -0/+1Hope this doesn't end up like the SPAM email situation... *sigh*
  • myunamewastaken, on 02/15/2008, -1/+2001110000011001000110100001101100011100000110000001110000011100000110111
  • ORMEs, on 02/15/2008, -0/+1One of the octets matched one of their Cult street address #'s ?
  • inactive, on 02/15/2008, -0/+1I use my old atari st to connect to the internet hack that!
  • inactive, on 02/15/2008, -1/+2Axe + Finger = pwned ur *****
  • inactive, on 02/15/2008, -1/+2what are you, a ***** echo?
  • Laiden, on 02/15/2008, -0/+1What? No it won't.
  • bobbob1016, on 02/15/2008, -0/+1Hence the reason I run anti-viruses on my Mac and Linux, ClamAV, free, and better than nothing, MUCH better than Norton.
  • ThreeDee912, on 02/28/2008, -0/+1replied to wrong post. bury... :-/
  • void, on 02/15/2008, -0/+1Too much build up for a bad punchline
  • philodygmn, on 02/15/2008, -0/+1What we need is a one-way direct-link trust system like PGP. What a named address means to you should be up to _you_, just like tags and search terms' meanings should be. End single-namespace tyranny!

    http://web.mac.com/dynamist/iWeb/dynamist/ideas/A0 ...
  • Closeminded5228, on 02/15/2008, -0/+1Rogue DNS Servers? Awesome! They'll go well with my t-shirt! http://tinyurl.com/3by3ho
  • inactive, on 02/15/2008, -0/+1Damn Pwnt my home server....

    noob@localhost
  • inactive, on 02/15/2008, -0/+1Um DNS spoofing can be done by any server not just MS dumbass. It's DNS redirection, it all depends what servers you trust to tell the truth, whether they be MS UNIX or OTHER.
  • pigfister, on 02/15/2008, -1/+2OOOOOO scare monger tactics, don't use openDNS ppl let your government block the web and restrict freedom of speech instead!
  • wesw02, on 02/15/2008, -1/+1Is your server magic?
  • tcpip4lyfe, on 02/15/2008, -1/+1The servers are a lie.
  • fogster, on 02/15/2008, -6/+2Tell that to the average Windows user, whose computer already has hundreds of viruses on it.
  • tringtring, on 02/15/2008, -7/+2Looks like soon DNS will be = Do Not Steal
  • lohwengk, on 02/15/2008, -7/+0It's not just the Windows users at risk, you know. Not everyone lives in the US. The rest of us are stuck with DNS provided by service providers who are reputed to be a few years behind the technology curve. This means that even Mac and Linux users are at risk.
  • Y0tsuya, on 02/15/2008, -12/+5Good thing I run my own DNS server, behind a firewall.

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.