Significant Internet Security Alert
There is a new, and very serious, security issue affecting computers
world wide. It is known as DNS Hijacking. Here's how it works: You or someone
using your computer visits a web site or downloads a program that
contains malicious code. This code changes your Windows Internet
settings to use what's called a "Rogue DNS" server.
First, we'll explain what a
DNS Server is for those that do not know. Basically, whenever you want
to go to an Internet web site you type in an address such as
www.google.com. Actually, this address does not really exist, rather it
is the "friendly name" of a web site that is accessed by an IP
address such as 200.200.200.200. Every computer on the Internet has an
IP address, even yours. Obviously, it would be extremely difficult to
remember all those addresses, so what a DNS server does is to translate
the "friendly name" to the corresponding IP address. Every single
computer on the Internet uses a DNS server to translate these addresses.
You DNS server is usually assigned to you by your Internet provider, and
in many cases, this is done automatically in the background.
The DNS server you use
can be easily overridden. A malicious application can override your
default DNS server and tell Windows to use a different DNS server. You
will never notice the difference and in most cases, there is no problem.
However, what these "Poisoned" DNS servers will do is to change the IP
addresses of some web sites to forgery web sites.
For example, say you
want to go to the Bank of America web site to check your account
balance. Rather than going to the real Bank of America web site, the
Rogue DNS server takes you to a different web site that is a perfect
forgery of the legitimate one. They may ask for user names, account
numbers and passwords. They record these and can then access your account any
time they want to. These DNS servers can be used for other purposes as
well such as displaying pornography, unwanted ads, and bogus search
results. This is an extremely dangerous threat!
Your Internet Security
Software Does Not Protect You
Most current Anti-virus and other Internet security software programs
can find and remove these malicious programs, however in most cases they
cannot prevent the damage from being done. Once your DNS is modified, NO
Internet security program can fix this or even report the problem to you.
Free DNS Checker Program
from CYBERsitter
Because of the seriousness of this issue, and the lack of available
tools to discover and fix the problem, we created a free utility
called "What's My DNS" that will check your Windows settings and let
you know if your computer has been compromised. We have collected the
addresses of all known Rogue DNS servers and will keep it updated as new
information becomes available. It will also perform other checks for you
like telling you if you are being redirected to a DNS server in a
different country. This program is extremely easy to use, very small,
does not interfere with anything, and best of all, it is totally
free. We strongly recommend that everyone get this and run it
frequently. For the time being, it is probably advisable to run it
immediately before starting an Internet session where you may be asked
for financial or other personal information. It takes less than a second
to do it's work.
If you would like a free
copy of "What's My DNS", simply click here.
Do you have a wireless
network?
One of the latest security issues facing home computer users is wireless
network intrusion. Most people have no idea if unauthorized users are
using their wireless Internet connection for their own purposes. These
days, almost every new computing and entertainment device supports
wireless networking. You need to know what and who is connected to your
network. Watch for our March newsletter where we will be introducing a
new, easy to use network monitor designed specifically for home users.
|
