A couple of Indian dailies have picked up on 3 day old news reports that starting Tuesday Google will warn users of a ‘possible’ internet blackout from July 9th.
First of all the reports are misleading for the simple reason the possible blackout or inability to connect to internet is most likely to occur to users in US, Canada and Europe and less likely for users in India (it is possible though as several hundred PCs in India are still suspect). In any case, it will be individual users who will lose their internet access and it doesn’t mean a whole scale blackout.
The root of the original problem lies, as usual, in what else, but online criminal activity. Sometime back cybercriminals using a malware known as DNSChanger managed to change the DNS Server address of several hundred thousand PCs. The FBI in a takedown broke the crime ring, but installed a couple of ‘clean’ DNS servers to enable the infected machines access internet. Now, the FBI is all set to shut them down on July 8th.
So what has this got to do with Google? Last Tuesday Google announced in its blog that it will use a technique to detect possible infection when a user comes searching at Google and display an alert (in the preferred local language of the user) to warn him. Those warnings are due to appear from today.
So if you notice a warning when you Google for something, the PC is supposed to be infected with DNSChanger.
If you do not receive the warning, your PC is most likely safe, from DNSChanger, that is. In case you don’t want to wait on Google to do the dirty work for you, you can head straight to the specific FBI webpage [https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS] and check whether the PC is infected with DNS changer by:
If you get the all green message similar to the one above, forget about the whole issue, and go on your merry way. But if you see anything red with a warning instead, the PC (or Mac) is infected. Here are two excellent write-ups on cleaning a DNSChanger infection:
My own recommendations are:
**DNS Advantage DNS servers (156.154.70.1 and 156.154.71.1) are blazingly fast if you are located in India. They beat every other DNS Server hands down.
As a footnote, I never use my ISP’s DNS Server. On my home PC is it either DNS Advantage or OpenDNS. When asked for advice in homes with children who use PC, it is always ScrubIT filtered. For all others it is Comodo secure DNS auto install with Comodo Internet Security.
First of all the reports are misleading for the simple reason the possible blackout or inability to connect to internet is most likely to occur to users in US, Canada and Europe and less likely for users in India (it is possible though as several hundred PCs in India are still suspect). In any case, it will be individual users who will lose their internet access and it doesn’t mean a whole scale blackout.
The root of the original problem lies, as usual, in what else, but online criminal activity. Sometime back cybercriminals using a malware known as DNSChanger managed to change the DNS Server address of several hundred thousand PCs. The FBI in a takedown broke the crime ring, but installed a couple of ‘clean’ DNS servers to enable the infected machines access internet. Now, the FBI is all set to shut them down on July 8th.
So what has this got to do with Google? Last Tuesday Google announced in its blog that it will use a technique to detect possible infection when a user comes searching at Google and display an alert (in the preferred local language of the user) to warn him. Those warnings are due to appear from today.
So if you notice a warning when you Google for something, the PC is supposed to be infected with DNSChanger.
If you do not receive the warning, your PC is most likely safe, from DNSChanger, that is. In case you don’t want to wait on Google to do the dirty work for you, you can head straight to the specific FBI webpage [https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS] and check whether the PC is infected with DNS changer by:
- entering the DNS Server address inserted in your PC (or router) into the box - but you have to know the DNS Server address in the first place; or
- clicking on any one of the 9 URLs in the table below the box - those sites will tell you whether your PC is safe or not.
If you get the all green message similar to the one above, forget about the whole issue, and go on your merry way. But if you see anything red with a warning instead, the PC (or Mac) is infected. Here are two excellent write-ups on cleaning a DNSChanger infection:
- DNS Changer Working Group (DCWG) Fix webpage, or
- PCWorld webpage on DNSChanger removal.
My own recommendations are:
- *ScrubIT ‘filtered’ DNS servers: 67.138.54.100 and 207.225.209.66;
- **DNS Advantage DNS servers: 156.154.70.1 and 156.154.71.1;
- Comodo Secure DNS servers: 8.26.56.26 and 8.20.247.20;
- OpenDNS DNS servers: 208.67.222.222 and 208.67.220.220; and
- ScrubIT DNS Servers: 67.138.54.120 and 207.225.209.77.
**DNS Advantage DNS servers (156.154.70.1 and 156.154.71.1) are blazingly fast if you are located in India. They beat every other DNS Server hands down.
As a footnote, I never use my ISP’s DNS Server. On my home PC is it either DNS Advantage or OpenDNS. When asked for advice in homes with children who use PC, it is always ScrubIT filtered. For all others it is Comodo secure DNS auto install with Comodo Internet Security.
No comments:
Post a Comment