Fact or Myth: Is the internet being shut off on July 9th?

  • 23 April 2012
  • 1 reply
  • 45 views

Userlevel 7
  • Retired Webrooter
  • 1581 replies
Is the internet being shut off on July 9th?
Recently you may have seen some well-meaning but somewhat ill-informed gossip circulating online that the FBI is going to shut off the internet on July 9th.  While there is a nugget of truth in that rumor, it's mostly incorrect.
 
Here is what's actually true:
Way back in ye olden days of the year 2007 when we were all still using IE7 and Firefox 2, there was some malware called DNSChanger.  It worked by hijacking your DNS settings (the system that changes *insert any http:// web address here* into an IP address behind the scenes and allows you to get around online).  Instead of going where you intended to go, you would be redirected someplace else entirely.  In this case, when you tried to go to a website to buy something legitimate, it would redirect you to a similarly-themed but fraudulent website where you would essentially be robbed.
 
This illegal scheme was quite lucrative for the malware writers until the FBI finally shut them down in November of 2011.  This begs the question that while it's great that the FBI shut them down, what happened to all that malware?


The answer is that the FBI obtained a court order that allowed for those DNS servers to be converted into clean, functional DNS servers.  However, that was just a temporary measure designed to keep all the infected computers from ceasing to be able to use DNS functions until they could be cleaned off.  Basically the FBI bought people with infected computers some time to deal with their situation before taking down the formerly bad DNS servers altogether.
 
So on July 9th, the FBI is finally going to take down those DNS servers completely.
 
What does this mean for you?  Hopefully nothing.  If you have internet security, you almost certainly don't have the DNSChanger infection on the system anymore.  Webroot, for instance, will remove the DNSChanger infection.  However, it is possible that if you ever had that infection, you still have DNS settings pointing at the bad servers.
 
To check, go to one of these websites:
http://www.dns-ok.us
http://www.dcwg.org
 
The websites will automatically check and notify you of whether or not you are affected.  If the website says you're ok, there's nothing you need to do.
 
In the event your computer is pointing at the bad DNS servers, the best thing to do is contact your Internet Service Provider (ISP) to have them assist you in correcting your servers to the proper values.  Not all ISP's are set up the same way, and while we can instruct you on how to reset the DNS servers, some ISPs are not configured to support automatic DNS.  That's a rare situation, and generally speaking the instructions below will help to resolve the problem.  In the event you're still having trouble though, it would be wise to contact your ISP.
 
That said, here is how to reset your DNS settings in XP, Vista, and 7:
 
XP:
1.  Click Start, then Control Panel
2.  Click Network Connections
3.  Right-click once on Local Area Connection and select Properties.  A window called “Local Area Connection Properties” will appear.
4.  In the General tab, highlight "Internet Protocol (TCP/IP)" from the list, then click Properties.
5.  If “Use the following DNS server addresses” is selected, select “Obtain DNS server address automatically.”  This is the correct setting.  Then click OK.
**Note: You will need to do this for all the connections listed in the Network Connections window.
6.  Restart your computer.

Vista:
1.  Click the Windows logo in the bottom left corner of your screen to open your Start menu.
2.  Click Control Panel, then Network and Sharing Center.
3.  Now click Manage Network Connections.
4.  Right-click once on Local Area Connection and select Properties.  A window called “Local Area Connection Properties” will appear.
5.  Please highlight "Internet Protocol (TCP/IP)" from the list, then click Properties.
6.  If “Use the following DNS server addresses” is selected, select “Obtain DNS server address automatically.”  This is the correct setting.  Then click OK.
**Note: If both Internet Protocol (TCP/IP) v4 and v6 appear in your list, you will need to check the Properties for both.  Also, be sure to follow the steps above for all the connections that appear in your Network Connections window.
7.  Restart your computer.
 
Windows 7:
1.  Click the Windows logo in the bottom left corner of your screen to open your Start menu.
2.  Click Control Panel, then Network and Internet.
3.  Now select Network and Sharing Center.
4.  Click Local Area Connection, then click the Properties button.   A window called "Local Area Connection Properties" will appear.
5.  Please highlight "Internet Protocol (TCP/IP)" in the list and click Properties.
6.  If “Use the following DNS server addresses” is selected, please change the selection to “Obtain DNS server address automatically.”  This is the correct setting.  Then click OK.
**Note: If both Internet Protocol (TCP/IP) v4 and v6 appear in your list, you will need to check the Properties for both.  Also, be sure to follow the steps above for all the connections that appear in your Network Connections window.
7.  Restart your computer.

1 reply

Userlevel 7
Big kudos to Google for helping out with this.  If your computer is still using one of the bad DNS servers, Google will now warn you as well.  Full story here.

Reply