OT FBI to shut down internet access for some on july 9th

RJames
Posts: 12
Joined: Sat Apr 21, 2012 4:30 pm

Re: OT FBI to shut down internet access for some on july 9th

Post by RJames » Thu Apr 26, 2012 8:23 pm

torontoCPAPguy wrote: WARNING - WARNING - WARNING

The checkout routine may be the virus payload here. DO NOT DOWNLOAD IT under any circumstances!!

......

Murray
Sage advice NEVER EVER go to a site claiming to "FIX" things unless you can verify what that site is for sure..... I am MCSE along with a bunch of other network specialist alphabet titles and rely on this stuff to make my living when not installing business and medical networks for offices.

While the Feds certainly can not shut down your computer (well by any legal means) they could cause you a problem IF this is a legit issue.. IF your DNS had been or is hijacked by some malware, the FEDS shut down the "bogus" DNS server, you would in fact lose the ability to navigate the Internet.. A "fake" DNS server or system would have no "apparent" effect that you should see (the entire point is to be transparent to the user). The fake server being shut down would simply leave you with no way to convert a domain name (google.com for instance) to the correct IP address.

DNS (Domain naming system) services are the things that make the Internet what it is.. DNS takes the FQDN (Fully qualified domain name) of a site and references it to a server on the Internet via the IP.. IE cpap.com resolves to 67.23.36.234.. If you did not have DNS, you would have to enter that IP address to get where you wanted to go.. DNS removes the problem of taking an alphanumeric name and connecting it to a numeric IP address (all devices on the internet must have a unique IP). In short, we have taken a bunch of 1's and 0's and turned them into cpaptalk.com. IPV4 dictates that there are some roughly 4.3B possible IP addresses.. (and they did run out) IPV6 (the "new" protocol) sort of expanded this pool to (wait for it)

340,282,366,920,938,000,000,000,000,000,000,000,000 2/128 from 2/32 (I think that is 50B addresses for every man, woman and child on the planet)

Your computer has a funny little file stashed inside the operating system called "hosts". It has "special" entries for things like a loopback IP (127.0.0.1) as well as custom entries used in many network situations. The computer looks to this file FIRST before going out to one of the Internet's "root" servers (you might see this in your network settings as DNS IP).. it is also a target of many malicious malware installers and can render your computer pretty useless if changed.. (Windows 7 has this file "read only" by default unlike XP)

A "virus" would look to modify this file so as to direct all traffic to a specific IP (probably to a place you don't want to be)..

Redirects are nothing new.. been around forever and many sites use them when they move servers etc..

I strongly suggest using a custom HOSTS file myself.. it will stop many spam sites from posting endless ads to your computer as well as stop many malware installers from known sites... It can and will sometimes block ads you might want to see (Google paid ads are blocked like mad)..

For more detailed info on DNS and how it is literally the backbone of your precious Internet go to http://winhelp2002.mvps.org/hosts.htm and read up... There are a couple other utilities and "tune up" methods listed there but leave them alone... if you do not know what you are looking at or working on, you will likely end up worse off... systems are pretty fully optimized as they are today and gains are for "tweak geeks" that think an extra 100kps is worth 2 hours of work.. (most sane techs giggle and move on to more important things like mafia wars)

There is also an installer for a premade custom HOSTS file that I find to be most adequate for most.. If you find sites getting blocked you would rather see, you can remove the specific entries from the HOSTS file and reload the thing (there is a file called plain "HOSTS" in the file set, you open it with notepad.exe and remove the site from the list you want to see, they are redirected to 127.0.0.1 to keep them from opening on your computer)

Am happy to answer any specific questions about this you might have.. (hope I have not confused you further)



AFWIW.. the website listed by the OP is valid... it does a DNS check to verify that you are in fact getting valid DNS info.. (Google it)

Goofproof
Posts: 16087
Joined: Mon Dec 05, 2005 3:16 pm
Location: Central Indiana, USA

Re: OT FBI to shut down internet access for some on july 9th

Post by Goofproof » Thu May 03, 2012 12:46 pm

More info on this, easier to follow:

DNSChanger is not the end of the world
By Woody Leonhard
DNSChanger virus spells 'Internet Doomsday' … The end is nigh, according to the FBI … 'Internet doomsday' will strike us all on July 9 …
That's what a couple of popular websites had to say about the DNSChanger virus. What a crock!
I've been writing about viruses for about two decades, and I don't think I've ever seen headlines that ridiculous from sources that should know better.
DNSChanger is a real piece of malware — it's a variant of the TDSS/Alureon family of Trojans — and it was a real problem until taken down Nov. 8, 2011, in a joint FBI–Estonian police action code-named "Operation Ghost Click" (FBI site).
Since then, it seems, DNSChanger has hit headline after headline — with dire warnings. Even local TV news programs have covered it in breathless terms, as if it were the worst thing to ever infect your computer.
Lemme tell ya. It's easy to write scary headlines such as "New Mac Trojan makes your clicking finger fall off!" (no doubt because Mac mice have only one button) or "Log on to Windows and lose your life savings!" It's not so easy to examine the threat, digest it, translate it into terms we can all understand, and make a few simple recommendations.
That's the goal for this column. Is it true that, as a Huffington Post U.K. headline put it, "The end is nigh, according to the FBI!"? I don't think so.
Exactly what does DNSChanger do?
With an estimated four million infected computers — 500,000 in the U.S. alone — DNSChanger was one of the largest botnets ever disassembled. However, despite what you may have read, this botnet wasn't designed to steal your credit-card numbers or bank-account passwords. DNSChanger rerouted your browser to websites that mostly sold little blue pills, antivirus products that didn't work, and other scummy stuff.
The people behind DNSChanger received commissions from these fake pharmaceutical companies, rogue antivirus sites, and other unsavory cyber characters. The FBI avers that these "commissions" amounted to more than $14 million.
Typically, DNSChanger infected systems by posing as a codec needed for viewing videos streamed from adult sites. When you clicked to view these bogus videos, Windows Media Player would complain that it didn't have the right codec. Users then downloaded the codec from the site, gave permission to install the codec, and — well, there you go.
(Given the amount of unauthorized Web surfing on business PCs, it should not be surprising that half of the Fortune 500 companies and roughly half of all U.S. government agencies now have one or more PCs infected with DNSChanger.)
As befits a TDSS/Alureon variant, the infection is a nasty one — full rootkit behavior that's hard to detect and even harder to clean.
On Windows, the infection changes your computer's DNS server, usually by hacking the Registry. (If you aren't familiar with Domain Name Servers — the White Pages of the Internet — check out Susan Bradley's April 5 Top Story.) With a subverted DNS server, you might type http://www.google.com into your browser — any browser — and end up at http://www.buyonlinepharmaceuticalsifyoudare.com. The bad guys set up several DNS servers that did exactly that.
Naturally, if you tried to go to common Web addresses that offer antivirus help, AV scans, patches, advice, or even news about DNSChanger, you were rerouted. Effectively, your browser belonged to DNSChanger.
DNSChanger meets its match on two continents
As scary as that DNSChanger sounds, you no longer need fret over it — you no longer have to worry about DNSChanger changing your PC's DNS server. The FBI and many other organizations — in the U.S. and in Estonia — took DNSChanger down. You might still get an Alureon infection, but it won't be DNSChanger.
Although it took years, the FBI succeeded in identifying the people directly involved in the scam — six men in Estonia. The agencies also found the IP addresses of the DNSChanger servers: all were located within the U.S.
In a complex, well-coordinated action, Estonian police arrested most of the bad guys, who are now facing extradition to the U.S. To minimize Internet service disruptions to those four million infected PCs, the FBI and Internet Systems Consortium (the nonprofit company that maintains the ubiquitous DNS server software, Binds) pulled off an amazing technical feat: they quickly replaced the malicious servers with legitimate DNS servers. (Many PC users might still not know they're infected. But at least they're getting to their intended websites.)
Operation of the DNS server farm was given to a new organization called the DNSChanger Working Group, which consists of representatives from the computer industry and law enforcement. That left the FBI in the position of running a DNS server farm — and also left a nagging question.
The take-down aftermath, and what you can do
For those four million PCs, what's the smarter move: leave users unaware that they're infected and maintain the servers indefinitely, or gradually shut down the servers and cut off small numbers of users at a time?
It's a tough choice. There's no right or wrong answer, from my point of view. The FBI and BINDS could perhaps try to intercept a handful of webpages and put up warnings on them. But that might scare the daylights out of a lot of people and leave them with the task of changing to another DNS server on their own.
The FBI and the DNSChanger Working Group originally had court permission to keep the server farm running until March 8. As the deadline approached, people fretted that shutting off the remaining infected machines (still millions of them, at that point) would cause a lot of panic. So they sought, and received, a court extension to July 9.
Will the DNSChanger Working Group look for another extension after July 9? I think it's highly likely that they'll ask for — and receive — an extension. Remember, though, somebody has to pay for running the temporary server farm.
So while we wait for an Internet Armageddon that will never come (at least not from DNSChanger), here's something you can do (and have all your friends do, as well). Go to the DNSChanger Working Group Detect site and click the link at the bottom for your language or country. (Because you're reading this in English, you'll most likely click through to the main DCWG test page.) When you get to the DNS Changer Check-Up page, you'll see a large graphic — if it's green, you're fine; if it's red, you're infected.
There are lots of DNSChanger-fixing programs out there. I've not run across any infected machines yet; but if I do, my first choice for cleaning them would be Windows Defender Offline, which I wrote about in my Jan. 5 Top Story.
Use data to optimize your xPAP treatment!

"The art of medicine consists in amusing the patient while nature cures the disease." Voltaire

chunkyfrog
Posts: 34545
Joined: Mon Jul 12, 2010 5:10 pm
Location: Nowhere special--this year in particular.

Re: OT FBI to shut down internet access for some on july 9th

Post by chunkyfrog » Thu May 03, 2012 1:41 pm

Chicken Little said, "Y2K!", and ran to tell the king.

_________________
Mask: AirFit™ P10 For Her Nasal Pillow CPAP Mask with Headgear
Additional Comments: Airsense 10 Autoset for Her