nanog mailing list archives
Re: DNS Changer items
From: Nick Semenkovich <semenko () alum mit edu>
Date: Fri, 6 Jul 2012 16:44:28 -0500
We've been doing this for subscribers (including free community ones) since we got the sinkhole IPs from Andrew @ SIE/MAAWG.
At least now, the the ranges are publicly outlined in http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf 85.255.112.0 through 85.255.127.255 67.210.0.0 through 67.210.15.255 93.188.160.0 through 93.188.167.255 77.67.83.0 through 77.67.83.255 213.109.64.0 through 213.109.79.255 64.28.176.0 through 64.28.191.255 These also return the "RED" dnschanger page: $ dig +short @64.28.180.1 dns-ok.us 38.68.193.97 - Nick -- Nick Semenkovich Laboratory of Dr. Jeffrey I. Gordon Medical Scientist Training Program School of Medicine Washington University in St. Louis http://web.mit.edu/semenko/
Current thread:
- DNS Changer items Eric J Esslinger (Jul 06)
- Re: DNS Changer items Jared Mauch (Jul 06)
- Re: DNS Changer items Robert Bonomi (Jul 06)
- Re: DNS Changer items Andrew Fried (Jul 06)
- Re: DNS Changer items valdis . kletnieks (Jul 06)
- Re: DNS Changer items Seth Mattinen (Jul 06)
- Re: DNS Changer items Cameron Byrne (Jul 06)
- Re: DNS Changer items Merike Kaeo (Jul 06)
- RE: DNS Changer items Eric J Esslinger (Jul 06)
- RE: DNS Changer items Tomas L. Byrnes (Jul 06)
- Re: DNS Changer items Nick Semenkovich (Jul 06)
- Re: DNS Changer items valdis . kletnieks (Jul 06)
- Re: DNS Changer items Jared Mauch (Jul 06)
- Re: DNS Changer items valdis . kletnieks (Jul 06)
- Re: DNS Changer items Roy (Jul 06)
- RE: DNS Changer items Tomas L. Byrnes (Jul 06)
- Re: DNS Changer items Andrew Fried (Jul 06)
- RE: DNS Changer items Tomas L. Byrnes (Jul 06)
- Re: DNS Changer items Andrew Fried (Jul 06)
- Re: DNS Changer items Roy (Jul 06)
- Re: DNS Changer items Andrew Fried (Jul 06)
- Re: DNS Changer items Jay Ashworth (Jul 07)
- Re: DNS Changer items Owen DeLong (Jul 13)