Hackers hijack 300, 000-plus wireless routers, make malicious changes | Ars Technica

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Tue Mar 4 14:54:12 UTC 2014

On Tue, 04 Mar 2014 09:28:01 -0400, jim deleskie said:
> Why want to swing such a big hammer.  Even blocking those 2 IP's will
> isolate your users, and fill your support queue's.
> Set up a DNS server locally to reply to those IP's  Your customers stay up
> and running and blissfully unaware.
> Log the IP's hitting your DNS servers on those IP and have your support
> reach out to them in a controlled way, or  reply to any request via DNS
> with an internal host that has a web page explaining what is broken and how
> they can fix it avoiding  at least some of the calls to your helpdesk.

Two words: "DNS Changer".  What did we learn from that?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140304/cd60f564/attachment.bin>

More information about the NANOG mailing list