TimeWarner DNS Hijacking 339
Exstatica writes "It looks like TimeWarner is taking vigilante action on the botnet problem. They've hijacked DNS for a few IRC servers, the latest being irc.mzima.net and irc.nac.net — both part of EFNet. (irc.vel.net was hijacked earlier but has been restored.) Using ns1.sd.cox.net, the lookup returns an IP for what looks to be a script that forces the user into a channel and issues a set of commands to clean the drones. There have been different reports of other IRC networks being hijacked and other DNS servers involved. Is this the right way to handle the botnet problem? Is hijacking DNS legal?" Botnets are starting to move off of IRC for command and control, anyway.
Update: 07/24 00:01 GMT by KD : Updated and added more links; thanks to Drew Matthews at vel.net. 07/24 11:52 GMT by KD : Daniel Haskell wrote in to say that ircd.nac.net is seeing cox.net connections again, and that they are in discussion with the EFF over the matter.
Update: 07/24 00:01 GMT by KD : Updated and added more links; thanks to Drew Matthews at vel.net. 07/24 11:52 GMT by KD : Daniel Haskell wrote in to say that ircd.nac.net is seeing cox.net connections again, and that they are in discussion with the EFF over the matter.
In other news (Score:1, Funny)
This is a DNS hijacking. (Score:5, Funny)
The Right Way? (Score:5, Funny)
>Is this the right way to handle the botnet problem?
No. The right way involves castration with rusty linoleum knives, Turkish prisons, and rabid wolverines. If that doesn't work, we should quit being nice and get nasty with these folks. Seriously, this problem will not go away until people start doing some hard time, preferably with a cell mate who does not need Erct|le Member Help!
Re:Fair game (Score:3, Funny)
Re:IRC networks must police themselves (Score:5, Funny)
Re:The criminal code calls it "Theft of Services" (Score:4, Funny)
PA recently became the 50th state in the union [post-gazette.com] to put their laws online.
Re:About time (Score:2, Funny)
Re:Alternative DNS? (Score:1, Funny)
I'll stick to memorizing the IP addresses of all the sites I like, thank you.
Re:New Update since i submited this yesterday (Score:0, Funny)
A**hole....
Re:New Update since i submited this yesterday (Score:5, Funny)
I look forward to Cox meeting their lawyers.
Evil_lawyer_dude: You have exploited a vulnerability in my clients software
Cox Communications: Ooops, so we have, would you care to name your client
Evil_lawter_dude: I don't have to
Cox Communications: Well, without evidence of harm done to your client we can't be held liable for anything
Evil_lawyer_dude: My client has been unable to carry on his business using the resources of your customers
Cox Communications: Yes, and we have a list of customers who would be part of a counter suit, no go away or we will taunt you some more.
This is bad....*how*? (Score:2, Funny)
Majority Computer User: "'IRC'? I'm seeing who??? Who am I seeing and when? Why am I seeing them? What're you talking about?!? Am I being charged for this?!? OMG, did Billy download music or movies or something?!? Oh Jesus Christ I'm going to kill that brat! Oh God, did you report me?!? I'm going to jail, aren't I?!?"
TWC: (sweatdrop)
So. Explain to me how castrating bots without disturbing or distressing the vast and overwhelming majority of computer users is a bad thing?