US DOJ victim letter
Lane Powers
lane.powers at swat.coop
Thu Jan 19 21:27:43 UTC 2012
We took the CIDR blocks listed here;
http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-ma
lware.pdf
And ran them against net flow data from our external links and were able
to generate a list of subscriber IP addresses that were using the rogue
DNS servers.
Lane
--
Lane Powers
Southwest Arkansas Tel
On 1/19/12 3:19 PM, "Chris Adams" <cmadams at hiwaay.net> wrote:
>Once upon a time, Andrew D. Dibble <adibble at quantcast.com> said:
>> FBI seems to have a list of netblocks hosting rogue DNS servers here:
>> https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS
>
>So should I try to type in all the IPs on my network, one at a time? Oh
>wait, that page requires Javascript to check an IP; like I'm going to
>allow the FBI to run JS on my computer.
>
>--
>Chris Adams <cmadams at hiwaay.net>
>Systems and Network Administrator - HiWAAY Internet Services
>I don't speak for anybody but myself - that's enough trouble.
>
>
More information about the NANOG
mailing list