OpenDNS against Conficker
OpenDNS service has learned to resist the attempts of computers infected by the Conficker worm to contact with a possible controlling domain. Thus, the use of OpenDNS will protect from evil actions of the worm, when (and if) the authors try to take advantage of built a potential super-botnet.
As previously reported, the Conficker worm (also known as Downadup and Kido) implemented a number of ingenious algorithms that have enabled it to infect about 10 million computers. All copies of the malware synchronously generate 250 domain names every day and try to contact the server, awaiting instructions from the coordinating center.
While these instructions from the attackers were reported, but there is no guarantee that it will last forever. At any moment they can begin to use those millions of computers to send spam, DDoS-attacks or for other purposes, making them the largest botnet ever.
Given that the algorithm provides a constant change of control over the domain, the traditional methods of struggle, including the disconnection of the centers of the Internet would be useless. Therefore, OpenDNS decided to go another way and cooperated with Kaspersky Labs experts. Those were able to crack the algorithm for the generation of domain names used by Conficker, which allows to determine, which server will handle the army of infected computers on any particular day.
Then the harmful domains database goes to the OpenDNS for being blocked. But to take advantage of this service is all about simplicity: it is enough to set the appropriate IP-address as the servers DNS - the operating system the computer or the router. Also, that the use of OpenDNS is absolutely free, because the owners earn typos allowed users with a set of Web addresses (and only those that the system was not able to correct automatically).
Of course, computers did not cease to be infected, but the risk of botnet attack will be significantly decreased.
About the Author: