PDA

View Full Version : Internet vulnerability: surviving a DNS attack.



EYES WIDE OPEN
20th February 2012, 15:57
Mod-edit:


The following thread was split off from this post (http://projectavalon.net/forum4/showthread.php?36083-Mitchell-Coombes-Does-he-really-have-access-to-insider-info&p=428790&viewfull=1#post428790) and this post (http://projectavalon.net/forum4/showthread.php?36083-Mitchell-Coombes-Does-he-really-have-access-to-insider-info&p=431229&viewfull=1#post431229) of the Mitchell Coombes: Does he really have access to insider info? (http://projectavalon.net/forum4/showthread.php?36083-Mitchell-Coombes-Does-he-really-have-access-to-insider-info) thread.

This thread discusses a possible denial of service attack on the Internet's root name (DNS) servers, which would make the web pretty much useless for most ordinary purposes, while the attack was occurring, unless you found a way to adapt.

My personal hunches: using an alternative DNS provider is the best defense, but perhaps more importantly:

this smells to me like another possible false flag operation (with Internet hackers blamed, instead of terrorists), intended to open the door for more visible suppression of Internet freedoms.

Beware.

-- Paul.
===


...
The forces at work here are moving on multiple fronts now, and when this begins, most if not all of you will be overwhelmed by it all. So here are some more clues as to the great many fronts that are being advanced at this very moment-

http://news.yahoo.com/fbi-could-down-internet-millions-march-8-181807521.html?ugccmtnav=v1%2Fcomments%2Fcontext%2Fa9b04690-11f2-311c-9092-6da5c4317705%2Fcomments%3Fcount%3D20%26sortBy%3Dlatest

Also look at the date of publication of this report on the original incident-

http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911

11/9/11? Sound strange? Hold that thought for a moment...

Here is the PDF technical paper from the working group assembled to attempt to fix this issue. Please read it carefully to understand what the real situation is-

13928

I suggest you follow ALL of the links contained while tracking the article back to the source. In a nutshell, very soon DNS will no longer function properly, which means if you do not know the numerical IP address for any site you wish to visit- you may find yourself without the internet. This will be made worse if this next planned event succeeds-

http://pastebin.com/NKbnh8q8

It is open source instructions for causing a self-initiated Blackhole loop that will take all of the DNS servers down. Once the net is down, communication will be greatly stifled, and far more destructive events will ensue since our ability to track them will be gone.

...


Is there an easy way of finding the IP Address of a website in case this happens?

Bryn ap Gwilym
20th February 2012, 17:02
Is there an easy way of finding the IP Address of a website in case this happens?

Hi,
Yes there is by using the nslookup command.
Example
nslookup projectavalon.net
# will give you the address you are looking for. The below address is for this site. #
67.212.160.12

Linux and Unix nslookup command
http://www.computerhope.com/unix/unslooku.htm

Using NSlookup.exe
http://support.microsoft.com/kb/200525

Or just surf the internet with GNU Emacs (http://www.gnu.org/software/emacs/)

The web is just a small portion of the Internet & is not the Internet.

hohoemi
20th February 2012, 18:10
hi,

in regard to nslookup: from what i understand it's just another way to query a DNS (domain name server) to get the IP address.
this won't solve the problem of the global blackout since the DNS will be down.

see wikipedia (http://en.wikipedia.org/wiki/Nslookup):

nslookup is a network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.

however, if you are talking about circumverting the DNSChanger problem, it could work :)

Alan
20th February 2012, 18:21
hi,

in regard to nslookup: from what i understand it's just another way to query a DNS (domain name server) to get the IP address.
this won't solve the problem of the global blackout since the DNS will be down.

see wikipedia (http://en.wikipedia.org/wiki/Nslookup):

nslookup is a network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.

however, if you are talking about circumverting the DNSChanger problem, it could work :)

I think the idea is, use nslookup NOW to get the IP addresses and save them off somewhere. This way if/when the DNS servers go down you can use the IP address instead of the domain name.

Bryn ap Gwilym
20th February 2012, 18:21
hi,

in regard to nslookup: from what i understand it's just another way to query a DNS (domain name server) to get the IP address.
this won't solve the problem of the global blackout since the DNS will be down.

see wikipedia (http://en.wikipedia.org/wiki/Nslookup):

nslookup is a network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.

however, if you are talking about circumverting the DNSChanger problem, it could work :)

Hi,
Ie I know.
I was answering the question which was asked nothing more or nothing less..

Is there an easy way of finding the IP Address of a website in case this happens?

Quantum Logic
20th February 2012, 18:32
Alamojo and Bryn are correct. Get the numerical IP's NOW while you can. Otherwise you may be out of luck. Especially the March 31 Anon attack- they are using a reflective approach that will grow faster than we will be able to react. I hope someone finds a way to stop this, but since the DCWG can't even do it, it looks to be widespread.

hohoemi
20th February 2012, 18:35
@ bryn ap gwilym
i probably misunderstood the question because of something i was wondering myself:
how do you get an ip adress once the DNS is down?
in any case, thanks for the nslookup command! it's a good thing to know :)

@ alamojo:
yes, that would be an idea, however i don't think it would work for dynamic pages such as this forum - you could save the IP address of the main page or any currently existing post, but how do you follow the link to the next page of a thread etc.?

also, nslookup can't find projectavalon.net/forum4 or the IP of a specific thread... what's up with that?
and some of the IP addresses it finds don't seem to work, such as 80.87.129.146 for the david icke homepage (re-resolving it makes it mail . davidicke . com , while i looked up www . davidicke . com)
i hope it's just my bad influence on computers :rolleyes:

mountain_jim
20th February 2012, 20:58
searching for domain IP lists now might save some time...

Besides nslookup, running ping <domain name> from command prompt returns the IP

ping projectavalon.net
returns 67.212.160.12

This one is related to SOPA, but does have some useful ones (more there but I was having trouble copying them)

https://docs.google.com/document/d/1aF-VyYGBsJ_zD1Cfv1bYZDl_nUlWVxFJxn-qS2kVB1E/edit?pli=1#



# SOPA emergency list (a.k.a sites that got free advertisement from sopa)

# Social media
reddit.com 72.247.244.88
digg.com 64.191.203.30
imgur.com 173.231.140.219
hotmail.com 65.55.72.135
theonion.com 97.107.137.164
hush.com 65.39.178.43
gamespot.com 216.239.113.172
ign.com 69.10.25.46
cracked.com 98.124.248.77
sidereel.com 144.198.29.112
stackoverflow.com 64.34.119.12

# Social networking
facebook.com 69.171.224.11
twitter.com 199.59.149.230
tumblr.com 174.121.194.34


# Search engine / Link sites:

google.com 74.125.157.99
yahoo.com 98.137.149.56
bing.com 65.55.175.254
torrentz.eu 46.19.137.189
torrentbutler.eu 209.44.99.122
filestube.com 149.13.65.52


# Streaming sites

youtube.com 74.125.65.91

# Shopping
amazon.com 72.21.211.176
newegg.com 216.52.208.187
frys.com 209.31.22.39

EYES WIDE OPEN
21st February 2012, 11:35
Thanks for this. Is there one for Macs?

EYES WIDE OPEN
21st February 2012, 11:45
Perhaps we can start a list of I P addresses for our fav websites?

mountain_jim
21st February 2012, 13:28
The IP / domain name association is true for all platforms, as it is in the design of the internet protocols.

I assume the apple OS also allows nslookups and pings from its os, or you can use the nslookup web-sites to perform the same function.

I think a new thread to list everybody's favorite sites IPs would be a good idea, so as not to derail this one any further.

I wonder whether my ISP DSL connection will even work properly if domain name resolution is down, however.

EYES WIDE OPEN
21st February 2012, 15:29
Which forum would be the best place for the new thread?

ThePythonicCow
21st February 2012, 16:11
i probably misunderstood the question because of something i was wondering myself:
how do you get an ip adress once the DNS is down?

Yes, the earlier question, how to get an IP address, was ambiguous.

If you're asking how to get an IP address now, while DNS servers are working, then the answer is to use such commands as nslookup, dig, host, or ping (these are the Linux names; I do not know which one of these you can find on Windows or Mac), or to use such web service sites as whois.net (http://whois.net) or www.networksolutions.com/whois.

If you're asking how to get an IP address when your DNS service (and perhaps most DNS on the web) is broken, then the answer is to have a backup plan (see below) for DNS service.



yes, that would be an idea, however i don't think it would work for dynamic pages such as this forum - you could save the IP address of the main page or any currently existing post, but how do you follow the link to the next page of a thread etc.?

also, nslookup can't find projectavalon.net/forum4 or the IP of a specific thread... what's up with that?:

It is NOT the case that each web page on the Internet has its own IP address. There are only 4 billion or so IP addresses available (in the current IP4 protocol). barely enough for all the network attached computers, smart phones and other web attached devices.

Rather each web site has a single IP address. The IP address for davidicke.com is 80.87.129.146, and the IP address for projectavalon.net is 67.212.160.12. Then David Icke owns a web server answering to the address 80.87.129.146 that handles all webpage requests for that address, and Bill Ryan owns a web server answering to the address 67.212.160.12 that handles all webpage requests for that address (Paul and Ilie administer that last web server :).)

Looking at a full web URL, such as http://projectavalon.net/forum4/showthread.php?36083-Mitchell-Coombes-Does-he-really-have-access-to-insider-info. the dot-connected portion "projectavalon.net" after the "http://" and before the next slash "/" is the portion that gets its own IP address.

=======

Here's what I would suggest for a DNS backup plan. Having the IP address of one or a few of your favorite websites won't get you very far on the web ... you would be amazed how many different IP addresses even some simple web browsing will traverse.

Rather I would have the web address of a few sites that list alternative DNS servers and provide Windows, Mac and Linux instructions for changing which DNS server you're using.

Then, if your local Internet Service Provider (ISP) can't handle a major DNS attack, perhaps one of the major alternative DNS providers is in better shape, and you can switch to them.

The Operation Global Blackout (http://pastebin.com/NKbnh8q8) attack on the root DNS servers that Quantum Logic's post mentioned above should not, I would hope, cripple all the alternative DNS providers. They should be able to fall back to issuing whatever (increasingly stale) top level domain IP addresses they had, before the root servers were taken down by any such attack. I'd also expect that any such attack would have a higher risk of being used to justify Internet clamp downs by the thugs working under the badge of legal authority, than it would have a risk of seriously disabling the Internet for very long.

Personally, I always use an alternative DNS provider, not my ISP's DNS. Some of the alternative's are bigger, faster and more reliable.

Perhaps the two best list of alternatives, with instructions for changing which DNS service your PC uses are:

http://theos.in/windows-xp/free-fast-public-dns-server-list/
http://wikileaks.org/wiki/Alternative_DNS

If your DNS service is not working, you can get to these two web pages at:

http://75.126.153.211/windows-xp/free-fast-public-dns-server-list/
http://88.80.2.31/wiki/Alternative_DNS

If your web geek skills are medium, you might want to print out one of these pages, to have on hand if all your web pages start coming up Not Found (the usual sign of a broken DNS, or of your internet connection being down, or of your cable modem being unplugged by the cat, or of ...).

If your web geek skills are high, you don't need these pages ... you already know enough of it :).

If your web geek skills are low ... become a friend with a geek, or don't use the web when it's not working.

My favorite two alternative DNS services are OpenDNS (208.67.222.222) and Level 3 (4.2.2.1). OpenDNS has more features and specializes in DNS services, but Level 3 (a major Internet backbone player) is usually the fastest (in the places I've lived) and has an IP address that I've long since memorized (4.2.2.1).

My personal DNS backup plan is actually more elaborate. I run my own DNS server, and have a cron job dump it's entire mapping every 20 minutes (before anything expires). My elaborate backup system then keeps all copies of that map, and I am prepared to fall back to to any earlier version of my DNS map as need be. My backup maps keep getting bigger, as I visit more sites. Currently it has 58126 IP addresses, being all the websites I've visited (or some page I loaded used) in the last year or two.

¤=[Post Update]=¤


I think a new thread to list everybody's favorite sites IPs would be a good idea, so as not to derail this one any further.
Oops - looks like I just derailed this thread further. Sorry.

EYES WIDE OPEN
21st February 2012, 16:56
So back on topic, what would be the best place for the IP thread? I think it needs to be fairly high profile as it could prove important. Might as well decide now so that a mod does not have to move it at a latter date. Current events maybe? Once its started, maybe the mods can move all this info into the new thread and delete these posts from here?

ThePythonicCow
21st February 2012, 18:22
Perhaps we can start a list of I P addresses for our fav websites?

As I noted just now, when I added the Mod-edit to the opening post of this thread, my hunch is that this "threat" of a major takedown of the web by a denial of service attack on the Internet's root DNS servers is a potential false flag operation, to open the door to further denials of freedom on the web.

That doesn't mean it won't happen ... just that we won't know who did it :).

As I said in a round about way in my big post earlier in this thread, the best way to get through such an outage (if you want to continue using the web) is to use a good alternative DNS provider. See the following sites for lists of good DNS alternatives:

http://theos.in/windows-xp/free-fast-public-dns-server-list/
http://wikileaks.org/wiki/Alternative_DNS

If you are moderately tech savvy, I recommend permanently changing to OpenDNS (208.67.222.222) or Level 3 (4.2.2.1), rather than using your local ISP's DNS. Then, print out a list, from one of the above two links, of other alternative DNS providers, in case you need to switch to a different one during some such attack.

The most important thing you could do, if this did happen and actually was a false flag, would be to calm your friends, family and neighbors, and alert them to being wary of official reactions to "protect" us from such future attacks, by taking away our Internet freedoms.

Having a list of the IP addresses of a few of your favorite websites won't get you far, if this did happen, and won't help deal with the real threat (tyrannical bastards in power further extending their grip) if this is a false flag.

mountain_jim
21st February 2012, 19:28
Thanks Paul. I also point to the OPEN DNS servers on my Netgear router.

Thanks for the tip on Level 3 DNS, as it makes sense to spread out the risk over both major players.

Something weird in last 2 days, twice my wireless internet connection has been lost when using google search links for nslookup and looking for an 'archived list of domain name IP associations', and I had to re-establish the connection. It appeared the wireless node (but not my router or DSL modem I think) was taken out by something in the character stream of those requests.

ThePythonicCow
21st February 2012, 19:54
It appeared the wireless node (but not my router or DSL modem I think) was taken out by something in the character stream of those requests.
My wild guess, without knowing anything, would be that something caused some interference in the electromagnetic spectrum used by your wireless, somewhere near you. I would not expect the data contents going over a wireless connection to affect it, except in some pretty far out scenarios.

That something might include microwave ovens, cordless phones, Bluetooth devices, wireless video cameras, outdoor microwave links, wireless game controllers, Zigbee devices, fluorescent lights, WiMAX, or so on (list quoted ver batim from 20 Myths of Wi-Fi Interference (http://www.cisco.com/en/US/prod/collateral/wireless/ps9391/ps9393/ps9394/prod_white_paper0900aecd807395a9_ns736_Networking_Solutions_White_Paper.html).)

Operator
21st February 2012, 20:48
Hi All,

I have 2 remarks regarding name 2 IP resolving:

1. Most websites cannot (!) be reached by IP alone !!
A domain name will resolve to a valid IP as translated by DNS. However it resolves to an IP of a server that hosts several hundred websites.
Once you are on the right server the server looks at the domain name again and directs you to the corresponding files of the website.
The only websites that can work with IP only are the ones that have a UNIQUE IP address. Typically the websites that also use https
(encrypted (secured) protocol) need an unique IP to let the encryption certificate do its work.

My next point is related but perhaps not exactly on topic ...
2. What if the blackout is planned at the same time when major attacks, trying to start WWIII, are performed.
By now they know that they cannot rely on the MSM. Real independent info will spread like wildfire if they don't
suppress it. Just a wild hunch for the moment.

ThePythonicCow
22nd February 2012, 00:30
I have 2 remarks regarding name 2 IP resolving:

1. Most websites cannot (!) be reached by IP alone !!
...
2. What if the blackout is planned at the same time when major attacks, trying to start WWIII, are performed.

Two excellent points, Operator.

It is been my experience that even when a server hosts many websites, more often than not each of those websites will still have its own unique IP.

But let me provide some real numbers. From my logs of my own DNS server, through which all my web surfing has been passing for a couple of years now, I have visited (or at least had some page I visited pull a bit of content from) 58126 sites (by unique domain name), but only accessed 45455 unique IP addresses. Some 38407 domain names I visited each had their own unique IP address, and the other 19719 domain names I visited were shared, having two or more names (that I know about, because I visited them too!) per IP address. The sites I visited which shared the most domain names per IP address (one or two hundred each that I know of) were GoDaddy.com, TypePad.com, and sourceforge.com.

So, from that sample of one, 38407 / 58126 == 66 % (two thirds) of the web sites (by name) that I visited had their own unique IP address (so far as I know.)

However your observation is one more good reason to look for alternative DNS servers, rather than trying to manually visit sites using explicit IP numbers. Doing so lets you visit all sites, not just two thirds, and lets you load their entire page correctly, including the parts that pick up bits of other sites by named links that depend on that name.

I run three websites myself (itsy bitsy teeny weeny ones) all on one webserver, and as you describe, they share a single IP address, resolving requests by the domain name. On my server, if you come in with a request using the server's IP number, instead of a domain name I'm expecting, you will always get a particular one of the three websites, and the other two might as well not exist.

As to your second point - yes - as we can see from the Arab Spring revolts recently, the time the bastards in power are most likely to openly and blatantly mess with cell phone calls, twitter, facebook, or whatever other means of communication concerns them is right when communication between people would be most useful, that being when some nasty operation is going down.

Just guessing here (hopefully I don't think like those bastards and certainly I have no inside information) but it would not surprise me if they took this in a couple of steps: First another "network hacker" attack or two, to get more tyrannical control over the web, and
then more seriously nasty operations, during which communication between us peons occurs only at the pleasure of the bastards in charge.

However they may be running out of time and maneuvering room for such delicacies.

Quantum Logic
22nd February 2012, 01:21
If you really want to find out the path to where you want to go, do a full trace to find out exactly how it's routed. Thanks Paul for making this into it's own thread. But I will tell you, if you look at how the Blackhole Toolkit and subsequent scripts work that Anon is going to use, alternative DNS will eventually fail due to the reflective approach they are using. I think the Anon attack is going to use already infected systems from the original Estonian operation that ended Nov. 9,2011. You are correct- I smell a false flag as well. Think of what they could do with global net communication down, not to mention those of us who monitor HAARP and infrasound emissions will not be able to tell if the sonic signature is present. I will be posting a list of monitoring links for various sciences in the near future, resolved to true IP's with subsections.

QL

ThePythonicCow
22nd February 2012, 01:48
the original Estonian operation that ended Nov. 9,2011
Hmm ... the FBI unsealed these indictments (http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911) on 11/9/2011 ... kinda sounds like 9/11/2001 :). Someone's playing number games with us again.

ThePythonicCow
22nd February 2012, 05:02
As I noted in an earlier post (Nov 13, 2011) (http://projectavalon.net/forum4/showthread.php?34600-Jump-Room.--Backup-website-if-forum-server-down-or-offline--&p=354596&viewfull=1#post354596), just trying to browse this forum by explicitly giving the Avalon server's IP address 67.212.160.12 in an effort to work around a DNS failure really does Not work.

You can view any one specific page in guest mode, in a purely ugly and simple text view. But you cannot login, cannot search, and many of the links don't work. This is because many of the embedded links in forum pages referring back to other forum pages include the domain name of the server, causing repeated lookups of the DNS entry for "projectavalon.net", just to display one page. This is fairly common for rich or interactive web pages. The forum is essentially unusable that way.

At a minimum, one has to make a "67.212.160.12 projectavalon.net" entry in one's local hosts file. Windows, Mac and Linux all have such a file. That, or as I explained above, use an alternative DNS provider that is still working, if your usual DNS provider is failing.

I do Not recommend normally putting an entry for any your favorite websites in your hosts file, because that will come back to bite you later on, if any of those websites move do a different IP address. When that happens, you will end up wasting time trying to figure out why you can't access that website. However such a hosts file entry could be a workaround to access a site in the event that your DNS provider cannot provide the correct IP address.

EYES WIDE OPEN
22nd February 2012, 09:17
What a fantastic and useful thread this is. I think its also one of the most important on Avalon. Thanks to all involved.

Terra
22nd February 2012, 12:56
I agree Eyes, its all hands to the pumps now, the fire has been ignited it seems.

Sorry to drift on this, but I do not have the time to look at every thread on PA sadly, but something I have just noticed from a reply to the Whitehats reports #36 is the mention of HAARP, GWEN and HDTVs.
Just a thought, here in the UK the most populated area the South East is switched from analog to digital very shortly completing the network. My question is, is this the same for all the other European countries too? Apologies for my ignorance, I may be well off target, but the deadlines for completion seem linked maybe.

In your opinions is Bluebeam dead now? I do wish Lord Sid was here, his views could help re: raptures etc. (I know it got messy, but I do miss the old boy) Link (http://www.cuttingedge.org/News/n2370.cfm) that provoked this thought.

Quantum Logic
22nd February 2012, 13:02
Paul-

Did you even pay attention to any of the links I presented in the post of mine that you move here to create this thread? The FBI link is already there, which tells me you did not read it. Why did you post it again?

I have been in contact with the CEO and IT dept. of the company I work for, and will be hearing something back soon. This DNS attack will not work, and there are ways around it that I will test when I get home tonight, and post screenshots to prove it. This DNS attack has already failed, as I am sure my company is informing the hundreds of other companies of the issue, and if they act as I suspect they will, they will make link changes on their sites to support a non-DNS environment.

To anyone who may be watching that is responsible for this attack- you will ultimately fail, for we the people are more intelligent than you believe. You WILL be exposed. Don't underestimate the power of the people.

QL

EYES WIDE OPEN
22nd February 2012, 19:49
looking forward to your post. :)

toad
22nd February 2012, 20:09
Paul-

Did you even pay attention to any of the links I presented in the post of mine that you move here to create this thread? The FBI link is already there, which tells me you did not read it. Why did you post it again?

I have been in contact with the CEO and IT dept. of the company I work for, and will be hearing something back soon. This DNS attack will not work, and there are ways around it that I will test when I get home tonight, and post screenshots to prove it. This DNS attack has already failed, as I am sure my company is informing the hundreds of other companies of the issue, and if they act as I suspect they will, they will make link changes on their sites to support a non-DNS environment.

To anyone who may be watching that is responsible for this attack- you will ultimately fail, for we the people are more intelligent than you believe. You WILL be exposed. Don't underestimate the power of the people.

QL

I completely agree, this may frustrate most average people for a lil bit, but it will ultimately fail and be quickly circumvented.

Quantum Logic
22nd February 2012, 22:49
Thanks, toad. It will be a pain in the behind at first, but we will come out of it in the end. Truth must prevail.

QL

Quantum Logic
23rd February 2012, 02:41
The truth is revealed-

http://www.theregister.co.uk/2012/02/22/anon_disowns_dns_takedown_plan

If it goes down, it is NOT Anonymous. If you read the article, this is nothing more than a political ploy to get Senate Republicans to vote for an absurd internet regulation bill.

I also found this interesting-

http://krebsonsecurity.com/2012/02/half-of-fortune-500s-us-govt-still-infected-with-dnschanger-trojan

I found this quote near the end of the article quite telling-
"I’m guessing a lot more people would care at that point,” Rasmussen said. “It certainly would be an interesting social experiment if these systems just got cut off.”

Interesting social experiment, eh? We are nothing more than lab rats for governments and corporations. So typical- and transparent.

The truth prevails, once again.:whoo:

QL

ThePythonicCow
23rd February 2012, 03:16
Paul-

Did you even pay attention to any of the links I presented in the post of mine that you move here to create this thread? The FBI link is already there, which tells me you did not read it. Why did you post it again?http://projectavalon.net/forum4/showthread.php?41146-Internet-vulnerability-surviving-a-DNS-attack.&p=433200&viewfull=1#post433200
Are you referring to my Post #21 (http://projectavalon.net/forum4/showthread.php?41146-Internet-vulnerability-surviving-a-DNS-attack.&p=433200&viewfull=1#post433200) above, which duplicates some of what you said in the post that EYES WIDE OPEN quotes in Post #1 (http://projectavalon.net/forum4/showthread.php?41146-Internet-vulnerability-surviving-a-DNS-attack.&p=432079&viewfull=1#post432079) of this thread:

http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911

11/9/11? Sound strange?
If that is what you're referring to, then yes, I didn't notice that you noticed the same thing earlier.

ThePythonicCow
23rd February 2012, 04:09
From FCC chairman calls on ISPs to adopt new security measures (NetworkWorld - 22 Feb 2012) (http://www.networkworld.com/news/2012/022212-fcc-chairman-calls-on-isps-256451.html):
U.S. Internet service providers should take new steps to protect subscribers against cyberattacks, including notifying customers when their computers are compromised, the chairman of the U.S. Federal Communications Commission said Wednesday.

FCC Chairman Julius Genachowski called on ISPs to notify subscribers whose computers are infected with malware and tied to a botnet and to develop a code of conduct to combat botnets. Genachowski also called on ISPs to adopt secure routing standards to protect against Internet Protocol hijacking and to implement DNSSEC, a suite of security tools for the Internet's Domain Name System.
Sensible sounding recommendations (not mandates) ... though the drum beat of cyber (in)security continues.

ThePythonicCow
23rd February 2012, 04:27
From Feds Request DNSChanger Deadline Extension (KrebsOnSecurity - 22 Feb 2012 (http://krebsonsecurity.com/2012/02/feds-request-dnschanger-deadline-extension/):
In a Feb. 17 filing with the U.S. District Court for the Southern District of New York, officials with the U.S. Justice Department, the U.S. Attorney for the Southern District of New York, and NASA asked the court to extend the March 8 deadline by more than four months to give ISPs, private companies and the government more time to clean up the mess. The government requested that the surrogate servers be allowed to stay in operation until July 9, 2012. The court has yet to rule on the request, a copy of which is available here ("http://krebsonsecurity.com/wp-content/uploads/2012/02/dnschangerextension.pdf') (PDF).

Bryn ap Gwilym
30th April 2012, 23:27
This walkthrough should come in handy as it is aimed at Noobs.

How to Access blocked websites on Ubuntu
http://blog.sudobits.com/2012/02/09/how-to-access-blocked-websites-on-ubuntu/

how to setup OpenDNS on ubuntu
http://blog.sudobits.com/2011/07/17/how-to-setup-opendns-on-ubuntu-11-04-10-10-10-04/

another bob
30th April 2012, 23:58
http://i48.tinypic.com/2cmvvb8.jpg