Seamus Phan signature

Recently, the national cable TV provider started recommending that computer users detect and protect against DNS infections and violations. What should a typical user do?

DNSChanger is a piece of rootkit malware that modifies the DNS settings on a computer so that any calls to public Internet domains may be routed to illegitimate domains. Last year, the FBI (Federal Bureau of Investigation) of the USA managed to take control of many of the infected host computers of a criminal ring, and reconfigured those infected hosts to act temporarily as “surrogate” hosts. However, those surrogate DNS servers will be shut down this month (July 2012). Computers that were infected with modified DNS entries may lose DNS capabilities altogether.

The best way to make sure that one’s computer is not infected is to use one of the free check-up sites listed by the DNS Changer Working Group (DCWG). The check-up is fast and easy, and there are free check-up sites in various countries, including one in Malaysia (hosted by MYCERT and CyberSecurity MY). On the same site, one can also find the available software that can disinfect infected computers.
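For readers who prefer to look at the DNS settings directly, here is a local check of the same condition, added as an example and not taken from the DCWG or any check-up site. It assumes a Unix-style `/etc/resolv.conf`; the function names are hypothetical, and the ranges in `ROGUE_RANGES` are documentation placeholders that must be replaced with the rogue DNS ranges published by the DCWG.

```python
import ipaddress

# Placeholder ranges (RFC 5737 documentation space), NOT the real rogue
# DNSChanger ranges. Replace them with the list published by the DCWG.
ROGUE_RANGES = ["192.0.2.0/24", "198.51.100.0/25"]

# Constructed sample of a resolv.conf file, used when run without a real one.
SAMPLE_RESOLV_CONF = """\
# constructed sample
nameserver 192.0.2.53
nameserver 8.8.8.8
nameserver 198.51.100.200   ; just outside the second placeholder range
search example.lan
"""

def parse_nameservers(resolv_conf_text):
    """Return the nameserver addresses found in resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        # Drop comments, which start with '#' or ';'.
        line = line.split("#", 1)[0].split(";", 1)[0]
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def find_rogue(servers, rogue_ranges=ROGUE_RANGES):
    """Return (server, reason) pairs for resolvers that need attention."""
    nets = [ipaddress.ip_network(r) for r in rogue_ranges]
    hits = []
    for server in servers:
        try:
            # Strip an IPv6 zone id such as 'fe80::1%eth0' before parsing.
            addr = ipaddress.ip_address(server.split("%", 1)[0])
        except ValueError:
            hits.append((server, "unparseable"))  # inspect by hand
            continue
        for net in nets:
            if addr.version == net.version and addr in net:
                hits.append((server, str(net)))
                break
    return hits

if __name__ == "__main__":
    try:
        with open("/etc/resolv.conf") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_RESOLV_CONF
    for server, reason in find_rogue(parse_nameservers(text)):
        print("suspicious resolver %s (%s)" % (server, reason))
```

On Windows, the resolver list comes from the network adapter settings instead; pass those addresses to `find_rogue` directly.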

If you like, you can sign up with a commercial service such as OpenDNS, which takes care of DNS security, with provisions for malware blocking and many other security offerings related to DNS.