Running your own DNSchanger proxies

Jason Duerstock jason.duerstock at
Sun Jul 8 01:13:58 UTC 2012

As an intellectual exercise, I think this is interesting and worth the
effort.  As an actual implementation, I think it's more effective to block
DNS traffic to the affected subnets. Let the breakage occur, and then let
the end users get their broken machines fixed rather than let them continue
hobbling along with this hack in place.


On Sat, Jul 7, 2012 at 8:10 PM, Cameron Byrne <cb.list6 at> wrote:

> On the other thread i read that some ISP are running their own proxies
> for infected host.
> That sounded interesting, so i googled around to find out how to do
> that and i could not find a HOWTO, so imagined up a solution myself,
> tested it in VirtualBox, and wrote it down in case anyone finds it
> useful or has another approach
> I don't plan to use this solution, but it was interesting to think
> about and may be a good starting point in the unlikely event that some
> VP pushes the panic button on Monday.
> CB

More information about the NANOG mailing list