On 2/18/2012 5:26 AM, Dale wrote:
Howdy,
I ran across this and though it was a joke. Did a news search and sure
enough, it is reported in lots of places. Random linky:
http://www.dailymail.co.uk/news/article-2102856/Will-FBI-shut-Internet-March-8-virus-concerns.html?ito=feeds-newsxml
Is there any truth to this mess? My bigger and better question, how is
shutting down the internet going to fix this? When the net comes back
up, they are still going to be infected. Right?
As usual, the headline has things completely backwards; if
you actually read the article and ignore the headline you
will get something closer to reality:
* There is a fairly large botnet that works by hijacking the
DNS settings of the machines it infects, and redirecting
them to rogue DNS servers.
* The rogue DNS servers resolve all DNS requests by
returning the IPs of various scam sites etc. that the botnet
owners get paid for.
* The FBI and the Dutch national police, stepped in and
arrested those in charge of the botnet.
* 120 days ago -- Nov 8 -- they dismantled the botnet's core
network and replaced the rogue DNS servers with legitimate
ones serving legitimate DNS zone information.
* On March 8 the FBI will turn off their stand-in DNS servers.
If you aren't infected by this botnet you won't notice
anything. If you are still infected by this botnet your DNS
servers will vanish (and, in theory, someone could step in
and replace them, depending on what happens to the allocated
IPs).
--Mike
