Re: CPE dns hijacking malware

Someone has to move. The defaults are really bad in dense deployments of 1,6,11. Always fun when we went to Japan in the early days and our equipment could not see channel 13 :-) Most need more fhss than single channel stuff. Jared Mauch > On Nov 12, 2013, at 2:18 PM, James Sink wrote: > >

Re: CPE dns hijacking malware

have been easier to simply change your > channel setting? > -James > > -Original Message- > From: Tom Morris [mailto:bluen...@gmail.com] > Sent: Tuesday, November 12, 2013 9:59 AM > Cc: NANOG list > Subject: Re: CPE dns hijacking malware > > EXTREMELY common. Almost al

Re: CPE dns hijacking malware

On 11/12/2013 3:54 PM, Larry Sheldon wrote: On 11/12/2013 3:24 PM, Larry Sheldon wrote: On 11/12/2013 12:12 AM, Dobbins, Roland wrote: On Nov 12, 2013, at 12:56 PM, Mike wrote: It appears that some of my subscribers DSL modems (which are acting as nat routers) have had their dns settings hi

Re: CPE dns hijacking malware

On 11/12/2013 3:24 PM, Larry Sheldon wrote: On 11/12/2013 12:12 AM, Dobbins, Roland wrote: On Nov 12, 2013, at 12:56 PM, Mike wrote: It appears that some of my subscribers DSL modems (which are acting as nat routers) have had their dns settings hijacked and presumably for serving ads or some

RE: CPE dns hijacking malware

t, but wouldn't it have been easier to simply change your channel setting? -James -Original Message- From: Tom Morris [mailto:bluen...@gmail.com] Sent: Tuesday, November 12, 2013 9:59 AM Cc: NANOG list Subject: Re: CPE dns hijacking malware EXTREMELY common. Almost all Comcast Cab

Re: CPE dns hijacking malware

channel mine was on That was probably not a great idea, but you do what you have to sometimes. On Tue, Nov 12, 2013 at 10:57 AM, Matthew Galgoci wrote: > > Date: Tue, 12 Nov 2013 06:35:51 + > > From: "Dobbins, Roland" > > To: NANOG list > > Subject: Re: CPE

Re: CPE dns hijacking malware

On Nov 12, 2013, at 10:57 PM, Matthew Galgoci wrote: > It's probably more common than one would expect. Concur 100%. --- Roland Dobbins //

Re: CPE dns hijacking malware

> Date: Tue, 12 Nov 2013 06:35:51 + > From: "Dobbins, Roland" > To: NANOG list > Subject: Re: CPE dns hijacking malware > > > On Nov 12, 2013, at 1:17 PM, Jeff Kell wrote: > > > (2) DHCP hijacking daemon installed on the client, supplying the hijac

Re: CPE dns hijacking malware

On Nov 12, 2013, at 1:17 PM, Jeff Kell wrote: > (2) DHCP hijacking daemon installed on the client, supplying the hijacker's > DNS servers on a DHCP renewal. Have seen both, the latter being more > common, and the latter will expand across the entire home subnet in time > (based on your lease

Re: CPE dns hijacking malware

On 11/12/2013 1:12 AM, Dobbins, Roland wrote: > On Nov 12, 2013, at 12:56 PM, Mike wrote: > >> It appears that some of my subscribers DSL modems (which are acting as nat >> routers) have had their dns settings hijacked and presumably for serving ads >> or some such nonsense. > How do you think

Re: CPE dns hijacking malware

On Nov 12, 2013, at 12:56 PM, Mike wrote: > It appears that some of my subscribers DSL modems (which are acting as nat > routers) have had their dns settings hijacked and presumably for serving ads > or some such nonsense. How do you think this was accomplished? Via some kind of Web exploit

CPE dns hijacking malware

Hi, It appears that some of my subscribers DSL modems (which are acting as nat routers) have had their dns settings hijacked and presumably for serving ads or some such nonsense. The dns server addresses are statically programmed in and of the onces I have seen, they are not currently respons