Slashdot Mirror

← Back to Stories (view on slashdot.org)

Paul Vixie: 100,000 DSL Modems May Lose Their DNS On July 9

Posted by timothy on from the blame-the-feds dept.

Dante_J writes "Up to 100,000 DSL modems may lose access to DNS come July the 9th, due to scripted web interface changes made to them by DNSChanger. This and other disturbing details were raised by respected Internet elder Paul Vixie during a presentation at the AusCERT 2012 conference."

4 of 193 comments (clear)

  1. Re:ISP should warn them by Zocalo · · Score: 3, Interesting
    That horse has long since bolted. The ISPs were notified, and it's also possible for them to check their IP space for infected hosts at the DNS Changer Working Group's website. The sad fact is that the ISPs in question have done the math and come to the conclusion that they can either:
    1. Notify their infected customers, at a cost of $x per customer, probably only to have most of their users either ignore the warning or contact the ISP's support line, potentially at additional cost to the ISP (unless they have a premium rate support service).
    2. Ignore the problem until the FBI's DNS servers are switched off, at which point, hopefully, many of the users will figure out the solution at no cost to the ISP reducing the burden on the ISP's support desk and costs. Hey, everyone has to keeps costs down, right?

    Bonus douchebag points for any ISPs that have a large number of infected customers and have, purely coincidentally of course, moved support calls to a premium rate number in the last few months.

    --
    UNIX? They're not even circumcised! Savages!
  2. Re:8.8.8.8 by Anonymous Coward · · Score: 2, Interesting

    feel free to operate your own resolvers

    I do. It's easy.

  3. TR-069 by stewwy · · Score: 4, Interesting

    Some modems implement this , TR-069 (remote config) protocol. At least some of the clueless should have this active, I'm surprised it's not used more widely by ISP's Of course anyone with half a brain will have it disabled,( do you want your ISP to control your router? ) and if you have it disabled at least you know your modem/router HAS a config page but still, it's for exactly this reason it's there.

  4. duh by IGnatius+T+Foobar · · Score: 3, Interesting

    So the malware guys found a bunch of unpatched DSL modems with a vulnerability that allowed the resolver to be reconfigured remotely, and pointed it towards the "bad" DNS servers.

    So why not just go to the "bad" DNS servers, which they now control, find out the IP addresses of the compromised modems, and use the same vulnerability to reconfigure the resolver to point back to "good" DNS servers?

    --
    Tired of FB/Google censorship? Visit UNCENSORED!