Comments on: Do you have Conficker? Find out in your OpenDNS account. http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/ Making the Internet safer and faster Sat, 21 Nov 2009 09:49:12 +0000 http://wordpress.org/?v=2.2.2 By: Cadê o Conficker? | Segurança http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-321976 Cadê o Conficker? | Segurança Tue, 04 Aug 2009 06:02:21 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-321976 [...] provedora de serviços de resolução de DNS OpenDNS chegou a dizer que 12% dos computadores do Brasil estava infectados com o tal vírus, mas que estava trabalhando arduamente para que seus usuários não conseguissem [...] […] provedora de serviços de resolução de DNS OpenDNS chegou a dizer que 12% dos computadores do Brasil estava infectados com o tal vírus, mas que estava trabalhando arduamente para que seus usuários não conseguissem […]

]]> By: Do you have Conficker? Find out in your OpenDNS account. - CornDog Computers http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-319235 Do you have Conficker? Find out in your OpenDNS account. - CornDog Computers Sat, 27 Jun 2009 19:08:51 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-319235 [...] http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/ [...] […] http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/ […]

]]> By: ::Pim pom PAPAS!:: » Prevención contra el conficker, sin antivirus http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-311073 ::Pim pom PAPAS!:: » Prevención contra el conficker, sin antivirus Sun, 10 May 2009 00:57:49 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-311073 [...] nuevo servicio lo encontré vía el blog de OpenDNS, donde además llevan una interesante estadística geográfica del porcentaje de [...] […] nuevo servicio lo encontré vía el blog de OpenDNS, donde además llevan una interesante estadística geográfica del porcentaje de […]

]]> By: Adam http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-310537 Adam Wed, 06 May 2009 22:20:44 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-310537 So far I'm clean ;0 But yea, I got 4 systems here, 2 desktops, and 2-4 laptops connected thru wireless at various times, so finding a "problem" machine could be a pain in the abutt...lol. Any chance that OpenDNS can gather the "computer name" or "local IP address" (192.168.1.x...) that initiated the connection to the blocklisted Conficker domain? Lastly, any chance of upgrading this to "all" or "any" up/coming malware related domains...? Ala, Storm Worm, etc... I'm not sure how this all works on the backend, but if you got that domain tool running in the background, to "predict" bad domains that I was reading about, dump the domains constantly to the "malware" label (automatically voted as malware obviously...) - I'm sure the process could be adjusted to any later outbreak of bad domains too? So far I’m clean ;0 But yea, I got 4 systems here, 2 desktops, and 2-4 laptops connected thru wireless at various times, so finding a “problem” machine could be a pain in the abutt…lol.

Any chance that OpenDNS can gather the “computer name” or “local IP address” (192.168.1.x…) that initiated the connection to the blocklisted Conficker domain?

Lastly, any chance of upgrading this to “all” or “any” up/coming malware related domains…? Ala, Storm Worm, etc…

I’m not sure how this all works on the backend, but if you got that domain tool running in the background, to “predict” bad domains that I was reading about, dump the domains constantly to the “malware” label (automatically voted as malware obviously…) - I’m sure the process could be adjusted to any later outbreak of bad domains too?

]]> By: richard koswandi http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-307923 richard koswandi Sun, 19 Apr 2009 01:29:30 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-307923 is Conficker posible infect a macintosh operating system? I use belkin wireless router to share the internet connection is Conficker posible infect a macintosh operating system?
I use belkin wireless router to share the internet connection

]]> By: Frabj http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-307852 Frabj Sat, 18 Apr 2009 14:27:50 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-307852 "Tim Haigh - I have a Mac so I dont worry about such exploits of microsofts inferior operating systems." Tim - Mac users should still practice safe computing. Check the IWork Trojan DDOS botnet: trojan was downloaded in pirated copies of iWork. See the article here: http://preview.tinyurl.com/df6agh AND: http://www.securemac.com/ OpenDNS should add the qwfojzlk.freehostia.com address to its global blocking lists. “Tim Haigh - I have a Mac so I dont worry about such exploits of microsofts inferior operating systems.”

Tim -
Mac users should still practice safe computing. Check the IWork Trojan DDOS botnet: trojan was downloaded in pirated copies of iWork. See the article here:
http://preview.tinyurl.com/df6agh AND:
http://www.securemac.com/

OpenDNS should add the qwfojzlk.freehostia.com address to its global blocking lists.

]]> By: Rex Moncrief http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-307389 Rex Moncrief Wed, 15 Apr 2009 13:47:04 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-307389 Once your machine has been compromised, the only real way to deal with the threat is to backup your critical data files (you should have a backup system anyway), wipe the machine, reinstall Windows, make sure you are behind a NAT router, and patch it up. Reinstall your software, tweak your settings, and don't let it get infected again. Simple. After your software is reinstalled and pc is tweaked, then use imaging software to make a snapshot of it. Once your machine has been compromised, the only real way to deal with the threat is to backup your critical data files (you should have a backup system anyway), wipe the machine, reinstall Windows, make sure you are behind a NAT router, and patch it up. Reinstall your software, tweak your settings, and don’t let it get infected again. Simple.

After your software is reinstalled and pc is tweaked, then use imaging software to make a snapshot of it.

]]> By: crybaby http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-306726 crybaby Sat, 11 Apr 2009 03:48:36 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-306726 crazy crazy

]]> By: Tim Haigh http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-306665 Tim Haigh Fri, 10 Apr 2009 22:26:38 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-306665 I have a Mac so I dont worry about such exploits of microsofts inferior operating systems. I have a Mac so I dont worry about such exploits of microsofts inferior operating systems.

]]> By: Harvey http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-306200 Harvey Thu, 09 Apr 2009 09:14:03 +0000 http://blog.opendns.com/2009/04/02/do-you-have-conficker-find-out-in-your-opendns-account/#comment-306200 I received an email informing me that my network is infected by Conficker. I logged on to my OpenDNS account and saw big banner on the dashboard, but when I checked the stats for April 8 with the filter "View only requests that were blocked as malware" it returned "You haven’t requested any known malware sites." So I changed the date to April 7. It did return some stats with the filter "View everything". I tried changing it back to "View only requests that were blocked as malware" and then I clicked the Apply button. Nothing happened. If specify a range of dates, the bot returned an error saying "We’re experiencing some network issues with our website. (Don’t worry, our website is separate from our DNS infrastructure.) Stats will be back soon." How to know if indeed my network is infected and what domains my network was accessing to (malware/sites of Conficker)? I received an email informing me that my network is infected by Conficker. I logged on to my OpenDNS account and saw big banner on the dashboard, but when I checked the stats for April 8 with the filter “View only requests that were blocked as malware” it returned “You haven’t requested any known malware sites.” So I changed the date to April 7. It did return some stats with the filter “View everything”. I tried changing it back to “View only requests that were blocked as malware” and then I clicked the Apply button. Nothing happened.

If specify a range of dates, the bot returned an error saying “We’re experiencing some network issues with our website. (Don’t worry, our website is separate from our DNS infrastructure.) Stats will be back soon.”

How to know if indeed my network is infected and what domains my network was accessing to (malware/sites of Conficker)?

]]>