Hackers hijack 300, 000-plus wireless routers, make malicious changes | Ars Technica

Jimmy Hess mysidia at gmail.com
Tue Mar 4 19:10:19 UTC 2014


On Tue, Mar 4, 2014 at 12:33 PM, Ian McDonald <iam at st-andrews.ac.uk> wrote:

> Until the average user's cpe is only permitted to use the resolvers one
> has provided as the provider (or otherwise decided are OK), this is going
> to be a game of whackamole.


No.   That is still just treating symptoms, and not the disease.
This also creates an unacceptable annoyance for the most slightly technical
user who needs to troubleshoot any DNS problems  with their domains.

When the ISP's nameservers are blocked,  the script kiddies will set up a
tunnel,  or configure the DNS client to use a different UDP port number for
DNS resolution,   or adjust the router firmware   to  run tcpdump and
upload  session data to/from interesting web destinations,   to a hostname
on port 80.

--
-JH


More information about the NANOG mailing list