CPE dns hijacking malware

• Previous message (by thread): CPE dns hijacking malware
• Next message (by thread): CPE dns hijacking malware
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Nov 12, 2013, at 1:17 PM, Jeff Kell <jeff-kell at utc.edu> wrote:

> (2) DHCP hijacking daemon installed on the client, supplying the hijacker's DNS servers on a DHCP renewal.  Have seen both, the latter being more
> common, and the latter will expand across the entire home subnet in time (based on your lease interval)

I'd (perhaps wrongly) assumed that this probably wasn't the case, as the OP referred to the CPE devices themselves as being malconfigured; it would be helpful to know if the OP can supply more information, and whether or not he'd a chance to examine the affected CPE/end-customer setups.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

• Previous message (by thread): CPE dns hijacking malware
• Next message (by thread): CPE dns hijacking malware
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]