TimeWarner DNS Hijacking
Exstatica writes "It looks like TimeWarner is taking vigilante action on the botnet problem. They've hijacked DNS for a few IRC servers, the latest being irc.mzima.net and irc.nac.net — both part of EFNet. (irc.vel.net was hijacked earlier but has been restored.) Using ns1.sd.cox.net, the lookup returns an IP for what looks to be a script that forces the user into a channel and issues a set of commands to clean the drones. There have been different reports of other IRC networks being hijacked and other DNS servers involved. Is this the right way to handle the botnet problem? Is hijacking DNS legal?" Botnets are starting to move off of IRC for command and control, anyway.
Update: 07/24 00:01 GMT by KD : Updated and added more links; thanks to Drew Matthews at vel.net. 07/24 11:52 GMT by KD : Daniel Haskell wrote in to say that ircd.nac.net is seeing cox.net connections again, and that they are in discussion with the EFF over the matter.
Leet-man dedazo insultingly blames the users again:
The botnet's root cause is not "Windoze", it's the people who are ignorant or lazy enough to let their computers be taken over by trojans and worms. Since it's stupidly simple to avoid that, the problem lies squarely between keyboard and chair.
Both ignorance and apathy would be cured by kicking off infected computers. I'd be looking forward to "responsible user" dedazo being kicked off but I think the PR firm he works for uses a botnet to post all its pro M$ blather, so he could stay one step ahead of the terminations.
Interestingly enough, he scornfully proposes the right solution:
[lots of namecalling for normal computer users] You know what? You're more than welcome to them.
That would be cool. Steve Jobs does not have a problem with average users on Apple. Sun does not have a problem with Solaris in hospitals. No one but M$ has a problem and liberating their users would be a great thing for everyone. It can't be done by force but it will happen when people have knowledge and choices.
Friends don't help friends install M$ junk.