We took the CIDR blocks listed here; http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-ma lware.pdf And ran them against net flow data from our external links and were able to generate a list of subscriber IP addresses that were using the rogue DNS servers. Lane -- Lane Powers Southwest Arkansas Tel On 1/19/12 3:19 PM, "Chris Adams" <cmadams@hiwaay.net> wrote:
Once upon a time, Andrew D. Dibble <adibble@quantcast.com> said:
FBI seems to have a list of netblocks hosting rogue DNS servers here: https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS
So should I try to type in all the IPs on my network, one at a time? Oh wait, that page requires Javascript to check an IP; like I'm going to allow the FBI to run JS on my computer.
-- Chris Adams <cmadams@hiwaay.net> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.