March 8th – Death day for the Internet?

Picked up from the Russian news service, RT, here.

Apparently the FBI will be shutting down some temporary DNS servers set up to replace those infected by the botnet trojan, a nasty little piece of misdirection malware, on 8th March. The thing is, no one seems to know whether those temporary, and Internet-critical, DNS servers are going to be replaced in time.

Without DNS there is no World Wide Web. Not as we know it. Looks like a lot of the Interweb might be subject to a major hiccup. Expect a lot of 500 series errors that day.

Might schedule that as a day off. Hi ho.

8 thoughts on “March 8th – Death day for the Internet?”

  1. General: You could indeed learn the IP address of every Web server you wish to visit. But which site? Hundreds, indeed sometimes thousands, of web sites could be hosted at one specific Web address, or via a single portal server. DNS allows you to go straight to a specific web address. Without it you’re scrabbling around in someone else’s file system that might not be as logically set out as you think.


  2. It’s got everything to do with up-to-date anti-virus sw. Your PC has the addresses of your ISP’s DNS servers. If your PC is infected so that it uses the fake FBI servers instead, then when they shut down you will have problems. If you don’t have the Trojan installed on your PC then you will have no problem.

    Now, if the Trojan was on your ISP’s servers, or on your company’s router/firewall, then you might have a problem even if your PC is perfectly clean.


    1. SBML, DNS is part of the backbone of any TCP/IP network. Part of the protocols that allow the Internet to function.

      The Trojan was and is on various servers worldwide. It was designed to hijack and redirect your browser request to a dodgy web address, using the existing open port on your Firewall. While your antivirus might stop your own machine getting infected, it won’t stop the redirect.

      BTW: the FBI DNS servers aren’t ‘fake’, they’re ‘temporary’.


      1. See my 2nd paragraph. I do mention servers other than your own computer which could be infected and cause you problems. But they would need to be Windows servers and the majority of such internet servers are *nix based.

        The Trojan could infect such Windows servers but it was primarily designed to run on desktop computers and redirect their DNS access to malicious servers which would then pretend to be the real thing and be used to harvest any personal information. It doesn’t actually infect gateways or routers but just changes their settings.

        Now if you are unlucky to be on a network (office or wifi) infected with the Trojan, your DNS settings might be affected because the Trojan would try and get in first with its IP addresses rather than the proper DNS server, but a quick reset of the network settings will fix this. It just requires a clear out of your PC’s DNS cache and getting it to find the proper DHCP servers and thereby the DNS servers – so long as all computers on the network have been disinfected.

        The “fake” or rather temporary FBI servers were put in place to allow infected computers to access the proper sites until they were disinfected. All the FBI servers did is delay the identification of such infected PCs because they would carry on as if nothing had happened. It probably made the situation worse because whilst the FBI servers were in place more PCs would have been infected with the Trojan, leading to the situation that when the FBI servers were finally stopped there would be more PCs having problems than if they had just shut down the Trojan’s servers.


  3. Sorry SBML, but that has precisely nothing to do with DNS. If there is widespread DNS failure you won’t be getting anywhere to even need anti-virus in the first place.

