By now you’ve likely heard the speculation that April 1, April Fools Day, is the date Conficker kicks into action. And unfortunately this isn’t a joke. The virus, also known as Downadup, leverages a known vulnerability in the Windows OS and has the potential to do some serious damage. Some estimates for number of machines infected so far are as high as 15 million. The Internet is abuzz with news about the virus and predictions about what it will do.
As your DNS provider of choice, we’re in a unique and advantageous position to help keep our users safe. OpenDNS has kept our users safe from Conficker for the past several months by blocking the domains it uses to phone home. (We’ve seen lots of you start using our service to protect your networks from the worm.)
The latest variant of Conficker is now churning through 50,000 domains per day in an attempt to thwart blocking attempts. Consider this: at any given time we have filters that hold well over 1,000,000 domains (when you combine our phishing and domain tagging filters). 50,000 domains a day isn’t going to rock the boat.
So here’s our update: OpenDNS will continue to identify the domains, all 50,000, and block them from resolving for all OpenDNS users. This means even if the virus has penetrated machines on your network, its rendered useless because it cannot connect back to the botnet. If you want to disinfect your computer we recommend you check out the tools from our friends over at Kaspersky Lab.
If you’re already using OpenDNS, you’re all set. We’re protecting you automatically. If you’re not yet, simply set up a free account here and secure your network.
An easy way to defeat the Conficker worm | Squirrel Hacker
[…] For more details, read this announcement from them. […]
posted on March 30th, 2009 at 2:19 pm
Chuck
We are an opendns.com user. It would be nice if there was a test link to know that we are covered for Conficker requests. Also, is conficker automatically blocked for all opendns users, or is there a catagory I need to check?
Chuck
posted on March 30th, 2009 at 4:07 pm
040 Hosting Blog » Conficker almost there, time to switch DNS?
[…] the following article at the OpenDNS blog, or go directly to the main website of OpenDNS to switch now. addthis_url = […]
posted on March 30th, 2009 at 11:26 pm
Worried about Conficker on April 1? Setting up OpenDNS can protect your network. « Useful Links
[…] Worried about Conficker on April 1? Setting up OpenDNS can protect your network. By dalebul Find out how OpenDNS can protect network here. […]
posted on March 30th, 2009 at 11:28 pm
Michael
Thank you for this update.
posted on March 31st, 2009 at 12:12 am
guillaume
Will it block the legitimates sites that collision with the 50′000 daily hostnames ?
Does it prevent my potentially infected network from receiving commands through Conficker’s P2P system ?
Regards,
Guillaume
posted on March 31st, 2009 at 8:04 am
Tim
It’s good to know that you guys have my network covered.
Keep up the great work.
posted on March 31st, 2009 at 8:15 am
Paul Stefan Ort » Blog Archive » The Conficker Worm
[…] Using OpenDNS can increase your protection against Conficker and other worms, because OpenDNS monitors DNS traffic and can block suspicious activity at the gateway level. […]
posted on March 31st, 2009 at 8:31 am
Brace yourself - Page 2 - Tech Support Forums - TechIMO.com
[…] Check out Opendns.com OpenDNS Blog Worried about Conficker on April 1? Setting up OpenDNS can protect your network. […]
posted on March 31st, 2009 at 8:56 am
Is Your Network Prepared? - The RadioReference.com Forums
[…] Busted! Conficker’s tell-tale heart uncovered • The Register ..And this is whay I use OpenDNS. OpenDNS Blog Worried about Conficker on April 1? Setting up OpenDNS can protect your network. __________________ Obameter We’re On A Road To […]
posted on March 31st, 2009 at 9:10 am
Will
Glad to hear it! Then again, I already know that.
posted on March 31st, 2009 at 9:14 am
kuya
Simply pointing to dns servers would protect the user? Or does one need to register and block a particular category?
posted on March 31st, 2009 at 9:45 am
Allison Rhodes
@kuya - Yes, that’s correct. As long as you’re pointing at our DNS servers (with or without an account) you are protected. If you want to turn OFF Conficker protection, we have a feature called Botnet Protection - on by default - that you can disable.
-Allison
OpenDNS
posted on March 31st, 2009 at 10:16 am
OSS Rises to Conficker Challenge | OpenLogic Blogs
[…] a good essay on using open source security tools and specifically open source infrastructure like OpenDNS in order to battle large malware threats like […]
posted on March 31st, 2009 at 11:55 am
Help Protect Microsoft Windows from Conficker
[…] OpenDNS continues to live up to its mission to make your network safer, more secure, and reliable by providing Botnet Protection. Set up a free account here and help further secure your network. […]
posted on March 31st, 2009 at 1:33 pm
Mary
What if I don’t have a network? should I still use this?
posted on March 31st, 2009 at 2:42 pm
Allison Rhodes
@Mary - Do you mean you don’t have a router? If so, simply set up OpenDNS on your computer. Instructions here: https://www.opendns.com/start/computer/
posted on March 31st, 2009 at 2:57 pm
markwilson.it » Useful Links: March 2009
[…] Setting up OpenDNS can protect your network. - Worried about Conficker on April 1? Setting up OpenDNS can protect your network. […]
posted on March 31st, 2009 at 3:00 pm
links for 2009-03-31 | Seth Goldstein Online
[…] OpenDNS Blog » Worried about Conficker on April 1? Setting up OpenDNS can protect your network. As your DNS provider of choice, we’re in a unique and advantageous position to help keep our users safe. OpenDNS has kept our users safe from Conficker for the past several months by blocking the domains it uses to phone home. (We’ve seen lots of you start using our service to protect your networks from the worm.) (tags: dns confickr) […]
posted on March 31st, 2009 at 4:01 pm
Conficker, Nmap and What I sent to the Office » Solo Technology
[…] http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx [4] OpenDNS mitigation plans: http://blog.opendns.com/2009/03/30/worried-about-conficker-on-april-1-setting-up-opendns-can-protect… [5] Dan Kaminsky’s research notes on Conficker detection: http://www.doxpara.com/?p=1285 Best […]
posted on March 31st, 2009 at 6:12 pm
Chuckz Blog II » Blog Archive » Worried about Conficker on April 1? Setting up OpenDNS can protect your network.
[…] Worried about Conficker on April 1? Setting up OpenDNS can protect your network. […]
posted on March 31st, 2009 at 7:08 pm
champ2u
So, any word or updates yet? Its got to be 4/1/09 on the east coast (US) by now. Any word from Europe?
posted on March 31st, 2009 at 8:55 pm
Darren VanBuren
This is why I set up our computers (I want to do it on the router but I need to collect all the boeing domains to exclude for my mom’s VPN connection.)
Thanks for providing this reliable, fast and free service that keeps our networks safe.
posted on March 31st, 2009 at 11:44 pm
1 April | mimimi ?
[…] het mischien de moment om je de DNS diensten van OpenDNS te gebruiken, want zij bieden mogelijk een antwoord: OpenDNS has kept our users safe from Conficker for the past several months by blocking the domains […]
posted on March 31st, 2009 at 11:50 pm
Harry Caskey
You guys rock! We’ve been using OpenDNS as our DNS service at our company for over a year now and we love it.
Keep up the good work! I can’t wait to see what the next innovative thing you release.
-Harry Caskey
Systems Administrator
posted on April 1st, 2009 at 5:52 am
McColley.net » Blog Archive » OpenDNS Protects Against the Conficker Worm [OpenDNS]
[…] parking pages. It’s free to use and set up; here’s a detailed guide for home networks. Worried about Conficker on April 1? Setting up OpenDNS can protect your network[OpenDNS […]
posted on April 1st, 2009 at 6:00 am
Stop Conficker Worm by using OpenDNS | PaulSpoerry.com
[…] out the OpenDNS blog for more about April 1st and Conficker, when you’re done reading that head on over and configure your home network to use OpenDNS, […]
posted on April 1st, 2009 at 6:29 am
OpenDNS te protege del virus Conficker | Punto Geek
[…] lo mismo en todos lados. Este post es sólo para seguir con mi proselitismo de usar OpenDNS, ya que te protege de este virus filtrando los dominios que te pueden infectar. Punto a favor para la gente de OpenDNS y una excusa más para seguir […]
posted on April 1st, 2009 at 6:38 am
OpenDNS assicura la protezione contro il worm Conficker / Downadup | Trucchetti.com
[…] Ecco il post ufficiale […]
posted on April 1st, 2009 at 6:55 am
Ivan Lapis
Awesome! Great job!
I’ve seen a spike in my stats today around 3am to 7am in unique domains… I might be infected but I can’t find it…
I don’t even use my computer at that time. But it seems there’s no problem in my computer.
it, being blocked in contacting it’s server it a big help.
posted on April 1st, 2009 at 7:46 am
The Glitch » OpenDNS vs. Conficker
[…] OpenDNS Blog & […]
posted on April 1st, 2009 at 7:51 am
Ask The Admin » Blog Archive » April 1st is coming beware of the Conficker worm and impending doom.
[…] OpenDNS security services provider blocks access to the domains listed in the Conficker code. Microsoft has more information on its site, as does Symantec. The Web […]
posted on April 1st, 2009 at 8:07 am
How to protect your computer from the Conficker worm | The How To Do Things Blog
[…] Lifehacker blog post says that you can avoid getting infected by the Conficker worm if you use the OpenDNS service to access the Internet. This is because OpenDNS is constantly tracking the websites and servers that are infected by this […]
posted on April 1st, 2009 at 8:54 am
Conficker | technologyright.com
[…] OpenDNS for your DNS settings rather than what your provider has given you. OpenDNS has been blocking Conficker sites now for a month or […]
posted on April 1st, 2009 at 11:16 am
OpenDNS Protects Against The Conficker Worm | Lifehacker Australia
[…] free to use and set up; here’s a detailed guide for home networks. Worried about Conficker on April 1? Setting up OpenDNS can protect your network[OpenDNS Blog] Tagged:confickerdnsfile […]
posted on April 1st, 2009 at 11:42 am
OpenDNS protege hasta del virus Conficker
[…] Blog OpenDNS Comparte esta anotación Hora de publicación 6:56 pm Escrito por: Skynet Blogs que comentan sobre […]
posted on April 1st, 2009 at 3:56 pm
The Far Edge » Blog Archive » OpenDNS Protects Against the Conficker Worm [OpenDNS]
[…] parking pages. It’s free to use and set up; here’s a detailed guide for home networks. Worried about Conficker on April 1? Setting up OpenDNS can protect your network[OpenDNS […]
posted on April 1st, 2009 at 5:01 pm
Eric
OpenDNS rocks. I have been using OpenDns on my work and home network with great results.
posted on April 1st, 2009 at 10:02 pm
OpenDNS: Still Worried About Conficker? | Lostonreentry.com
[…] just chacked on my OpenDNS account and found this blog by David Ulevitch, it seems that OpenDNS has been carefully tracking and blocking the sites […]
posted on April 2nd, 2009 at 12:26 am
¡OpenDNS te protege! « Flipwared
[…] ¡OpenDNS te protege! 2 04 2009 OpenDNS además de resolución de DNS, ofrece protección contra el gusano Conficker (Downup, Downandup ó Kido) filtrando dominios potencialmente peligrosos. […]
posted on April 2nd, 2009 at 4:52 am
Adam
I’d be curious in knowing how exactly OpenDNS is “finding” and blocking (instantly?) these Conficker domains….
How does it determine the difference between a Conficker domain, and any other “regular” domain?
No, I’m not just an average joe
I’m a spam fighter by trade armed with arsenal of tools such as Complainterator, and a full contacts list, armed to forward spam samples to spam@uce.gov, all related domain registrars, phishtank (if it’s a phish), and an Encyclopedia full of juicy details (spamtrackers.eu) 
On another note, it’s good to hear that OpenDNS is blocking these requests, but would there be any change of letting your users know (perhaps via e-mail? or through the my account area?) if there network is hitting a large amount of these blocklisted domains?
Obviously, that could mean either 1) a machine on that network is infected, or 2) a spam fighter is busy at work, tracking down the domain themselves, for reporting to spamcop, knujon, the domain registrar (complainterator), etc
posted on April 2nd, 2009 at 6:00 am
OpenDNS Blog » Do you have Conficker? Find out in your OpenDNS account.
[…] David mentioned here, we’re in a unique position as your DNS provider of choice to block the worm at the DNS level […]
posted on April 2nd, 2009 at 10:12 am
Allison Rhodes
@Adam - we’ve teamed with Kaspersky Lab to predict the 50,000 domains the worm uses. OpenDNS then blocks them all.
And we just (this morning) rolled out a Conficker detection service that will notify you in your account if we’ve seen suspicious queries relating to Conficker coming from your network.
-Allison
posted on April 2nd, 2009 at 10:31 am
Conficker? Don’t worry, we’ve got openDNS! - gіаиg's blog
[…] Tình cờ, phải vào openDNS.com Dashboard để config một xíu network của mình, nhận ra thông báo: Conficker status: OpenDNS has detected no suspicious queries related to the Conficker virus from your network. What’s Conficker? […]
posted on April 2nd, 2009 at 11:19 pm
MICHAEL
thanks for the information about that.
posted on April 3rd, 2009 at 11:32 am
Valentine Aaqil Mahmood
thank you so much opendns.com for giving always free nice service, this Pakistani is so happy by you people
posted on April 5th, 2009 at 6:11 am
Ivan Lapis
“And we just (this morning) rolled out a Conficker detection service that will notify you in your account if we’ve seen suspicious queries relating to Conficker coming from your network.”
That’s very helpful so that we can know if any computer in our network is infected.
I saw it when I logged in today and said “OpenDNS has detected no suspicious queries related to the Conficker virus from your network.”
Cool
posted on April 5th, 2009 at 3:30 pm
Zeighy dotNet Blog » How to stop Conficker
[…] OpenDNS Blog » Worried about Conficker on April 1? Setting up OpenDNS can protect your network. […]
posted on April 5th, 2009 at 3:35 pm
Tech » OpenDNS Protects Against the Conficker Worm
[…] parking pages. It’s free to use and set up; here’s a detailed guide for home networks. Worried about Conficker on April 1? Setting up OpenDNS can protect your network[OpenDNS […]
posted on April 7th, 2009 at 8:47 am
Has Conficker woken up? and how can you help your network - sheenaustin.com
[…] Use OpenDNS to prevent the worm from talking to its perpetrators. […]
posted on April 9th, 2009 at 8:42 am
GM
What to use as a network IP address when asked to add network to collect stats on a home system. Comcast or FIOS?? Thanks
posted on April 9th, 2009 at 10:56 am
GM
Please assist …. what do I enter for network address when asked to add network to collect stats on a home system using Comcast or FIOS?? Thanks
posted on April 9th, 2009 at 10:57 am
Blog Dolodi.com ^^ » Post Topic » OpenDns ajuda você a combater o Conficker
[…] David mentioned here, we’re in a unique position as your DNS provider of choice to block the worm at the DNS level and […]
posted on April 13th, 2009 at 9:18 pm
S G
You guys rock!
posted on April 24th, 2009 at 5:28 am
Use OpenDNS to Browse Faster, Safer, Fix DNS Errors | Guilda Blog
[…] you know OpenDNS users never worried about Conflicker worm infecting their systems, because OpenDNS will identify the 50000 domains and block them from […]
posted on May 6th, 2009 at 3:46 pm
Use OpenDNS and experience faster Internet | Vishant Garg
[…] you know OpenDNS users never worried about Conflicker worm infecting their systems, because OpenDNS will identify the 50000 domains and block them from […]
posted on May 8th, 2009 at 3:24 am
martín
hi guys,
kaspersky isn’t my friend anymore, nor since in it’s last incarnation it asks to uninstall SPYBOT Search & Destroy arguing compatibility problems.
However, those problems doesn’t exists, but what does exists is Mr. Kaspersky and his company greed - kaspersky claims to ship a antispyware engine in it’s package.
i’m now using avast! an out-of-this-world antivirus/antispyware/antirootkit/antimalware in conjunction with spybot, spywareblaster and ghostsecurity suite, all of them FREE. check avast! review at cnet’s download.com
(sorry if this post is off-topic but since this day blog is about Conficker and computing security I find fair to share my vision about how to enhance)
best!
posted on May 25th, 2009 at 8:25 pm
Use OpenDNS to Browse Faster, Safer, Fix DNS Errors | Michael Seufert
[…] you know OpenDNS users never worried about Conflicker worm infecting their systems, because OpenDNS will identify the 50000 domains and block them from […]
posted on August 11th, 2009 at 6:33 am
Know What To Do About Conficker Virus « Virus Watch
[…] by OpenDNS. Go to https://www.opendns.com/start/ for a step by step instruction. It is assumed that OpenDNS DNS servers are more protected and prepared for network viruses such as Conficker but it is not a complete solution for these […]
posted on August 19th, 2009 at 9:33 am