back to article ISPs step in to supply DNSChanger safety net

The DNSChanger Working Group's replacement DNS servers were taken offline as scheduled on Monday, 9 July. However, rather than leaving an estimated 300,000 machines without internet services it seems that many ISP have configured their own substitute DNS servers, so that at least some pox-ridden machines still have a safety …


This topic is closed for new posts.
  1. ed2020

    If it was up to me...

    ...I'd keep the DNS servers, for a limited period of time, up but redirect all requests to a page giving instructions on how to fix the problem. I see no reason to support infected machines indefinitely.

    1. Alan W. Rateliff, II
      Paris Hilton

      Re: If it was up to me...

      Should have done this from Day One. In any case, I still cannot subscribe to the idea of putting in resources to keep infected machines operable. The sooner they "break" the sooner they'll be fixed.

      Paris, long broken

      1. Anonymous Coward
        Anonymous Coward

        Re: If it was up to me...

        I think you are right, the FBI shouldn't have even bothered in the first place.

        "The sooner they break the sooner they get fixed"


  2. Anonymous Coward
    Anonymous Coward

    Some in Corporate news are reporting this as a false flag attack!

    What a joke.

    The MSM doesn't report TCPIP correctly -- ever.

    For the PARANOID IDIOTS who actually are effected/infected.


    Use whatever method you want, I like D7 myself.


    Now you aren't using the FBI's DNS Server.

    I know that's hard for you all to understand, especially with all the misinformation

    ( Where misinformation = )

    by the media.

    1. Chris 3

      Re: Some in Corporate news are reporting this as a false flag attack!

      You appear to be confusing The Media with a few Internet conspiracy kooks.

  3. Anonymous Coward
    Anonymous Coward

    I stand corrected Chris3

    Damn. Your right, what was I thinking.

    Except, while looking closely, the information appears to be based on videos by local TV stations

    Anyway, you are right I wasn't sure if I should have stated it

    Where You =

    instead of

    Where Misinformation =

    The truth is I didn't want to point at specific websites, because some of them have legit arguments of other topics on them.

  4. Will Godfrey Silver badge
    Thumb Down


    Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why? Why?

    With all the publicity, if the idiots can't be bothered to sort themselves out let 'em burn.

  5. Timo

    two things

    1. Last week I heard countless media stories completely misreporting this, that "all of these computers would lose their connection to the internet". !!?!?!?!?!? OH NOOOEEEESS?!?!?!?!?!?

    2. For as many ISP's that would like to do the right thing and keep granny's infected box running, you'd think that Microsoft, or Dell, or HP, would buy up the IP addresses and redirect everyone to a page telling them that their computer was broken and to buy a new one ASAP!?!?! I bet they spend a lot more money shifting 300,000 PC's, this would be cheap advertising.

    I completely agree that if those things aren't fixed by now then screw 'em. If all of this crap reporting hasn't triggered people into doing something then it is pretty unlikely that they're going to wake up with a clue at this point.

    1. Anonymous Coward
      Anonymous Coward

      Re: two things

      "keep granny's infected box running"


  6. Adrian 4 Silver badge

    not really the users they care about

    It seems they're not doing this to support the poor dear users who won't be able to use facebook, but because the ISPs don't want to handle the support calls.

    1. Rab Sssss

      Re: not really the users they care about

      Why should the ISP be on the hook for cleaning up someones virus ridden POS anyhow?

      1. Comments are attributed to your handle

        Re: Re: not really the users they care about

        No one said that the ISP is on the hook. But that won't stop users from calling them anyway.

  7. Crazy Operations Guy

    Taper them off

    They know the IPs of the infected users so why not have each ISP cut off a few people each day (just have a shell script that adds 10-15 address to the firewall each day) then deal with the calls of people that no longer have a connection. Tech support will not be overwhelmed if done properly and they will no longer have to run these servers. Done right, it will be very painless and the most they'd need is one more Support Drone for a couple months.

  8. Winkypop Silver badge

    Shut down, turn off

    Find the box it came in


  9. Justin Clements


    >>3 support calls?

    Seriously? 3? A whole THREE support calls. Gees. Not three hundred, or a three thousand, but three?

  10. DJ Smiley
    IT Angle

    What doesn't appear broken never gets fixed

    Sigh.... while I can understand wanting to "help" customers by making sure they have access.... these machines are likely ridden with other spy/malware and the user is likely completely unaware "because everything works as normal".

    If the ISP's really wanted to help, offer tech support calls who'll come and try and fix the infection for you. Yeah right, and then get sued because someones photos no longer open or something absurd like that. I know :(

  11. mhoulden

    I think the biggest problem to overcome is people who don't understand what the problem is. So the temporary DNS servers get switch off and they can no longer resolve hostnames. How many will just assume it's another virus and buy something like Norton, or just ignore it? Their ISP may well email them to say what to do, but those are very easy to spoof judging by all the spam "your mailbox has exceeded its limits" emails I get. El Reg obviously has quite a technically aware audience but I know some people think everything hangs off Google and even type URLs into the search box. Trying to explain the vagaries of DNS and DHCP to them can be very difficult. Personally I'd write to infected customers using ye olde paper letters complete with illustrated step-by-step instructions on how to find and fix the problem, and then have a helpline number if they get stuck.

    1. DJ Smiley

      My wife types urls in the google box.... she knows she shouldn't/doesn't need to but she does it because thats where the cursor is to start with...

      Interestingly I found this means she hardly ever manages to typo a url as google will suggest the correct one pretty swiftly, and they do at least "try" and filter out bad pages too :)

  12. Anonymous Coward
    Anonymous Coward

    Probably better to not prolong the problem

    IMO it would be better to fix the contaminated PCs now.

This topic is closed for new posts.

Other stories you might like

Biting the hand that feeds IT © 1998–2022