/ Geek tricks

Check Your DNS Server Before You Lose Your Internet Connection On July 9

Yes, what you are about to read is an absolute fact, and you might be the victim too. But what is it that we are fearful of? In fact, it's a Trojan Horse, named DNSChanger, which suspiciously redirects your internet traffic through the malicious DNS Servers which may hurt your security. 

As reported in March, the FBI has uncovered a network of rogue DNS servers and has taken steps to disable them. DNS (Domain Name System) is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other. Thus, whenever you enter a domain name like www.technotravel.in, your computer queries the DNS server to get the IP address of the corresponding site, in this case the computer will query the IP address of TechnoTravel.in to ultimately reach to the server of TechnoTravel.in to fetch its website content. Thus DNS do a very important job to provide the accurate IP address of each and every site on the internet.

But in case you are a victim of a rogue DNS Server, it will redirect your query to the malicious servers which may log your internet activity which may result in a possible security breach which is dangerous for your security. DNSChanger is malicious software created by cybercriminals to redirect the Internet traffic of millions of unsuspecting users to websites where the thieves have profited from advertisements. All computers still infected with DNSChanger malware will no longer be able to access websites, email, chat, or social networking sites like Facebook, Google+ after July 9th, as announced by FBI.

Here are the recommended actions that consumers should take before July 9th:

Consumers can follow these steps to find out if their computer is infected with the DNSChanger Trojan and if their Internet settings need to be updated.
Go to: www.mcafee.com/dnscheck

  1. Click the “Check Now” button to see if the computer has been infected.
  2. If the computer is infected, the website take the consumer through a process that will offer a free solution to get rid of the Trojan and update the Internet settings.
  3. If it is not infected, you will receive a “Congratulations, you are OK” screen and no further actions are needed. The computer’s Internet settings are up to date.
Here are the recommended actions that consumers should take beginning July 9th:

On July 9, if you are unable to access the Internet here is how you can access the DNSChanger Stinger tool:

1. Click on this link to download the DNSChanger Stinger tool: Click “Open” then Click “Allow.”

2. Follow the instructions in the “Readme.txt” file to run the tool or you can also follow the instructions below:

Double click “stinger.exe”

Click “Run”

Click “Scan now”
3. If the tool does not detect any malicious DNS server settings or malware then no further action is required. However, if you are unable to still access the Internet then you’ll want to contact your Internet service provider.

4. If the tool does detect that your computer is using a malicious DNS server, the stinger tool will fix the DNS setting.

The stinger tool will create the registry backup “TCIP_Registry_Backup.reg”. You can restore network settings with this file. Then restart your computer.

It is quite possible that if your computer is infected with this malware, it may also be infected with other malware. To protect yourself you should:
  1. Make sure your PC has comprehensive protection with antivirus, antispyware, anti-phishing, antispam and a firewall
  2. Set up regular updates of your operating system so you get critical security patches and keep your browser updated too
  3. Be cautious of clicking links in the body of an email
Stay safe!

Rajat Patel

Rajat Patel

Founder at TheNextGeek.com. Software Engineer & Business Analyst by profession. Avid open source evangelist. Mostly writes about Technology that interests him, and some neat tricks to make your day-to-day tech life a breeze.

Read More