The IoT botnet mentioned in another blog post caused the lead in story on evening news yesterday.
The millions of internet connected cameras, DVRs, etc. with default or easily guessed passwords were directed towards dyn.com. dyn.com is part of the cloud infrastructure that provides Dynamic Name Services (DNS). This service takes the name you enter into your browser and provides the IP address needed to connect to the name's web presence. The sites themselves were not attacked -- this time -- only the ability for users to resolve the name to IP address.
This botnet will become more and more powerful and thus used more and more in the future. The code used to power the botnet was released and scanning for vulnerable IoT devices has greatly increased. Any/everyone on the planet can attack every/anyone on the planet.
When this happens again and you need to access a critical site that is being attacked via the DNS server method there is a method to gain access.
The major Operating systems for PCs: Windows, macOS, and Linux all have the nslookup command. Get a CMD or terminal window, use the nslookup program to get the IP address for each critical site you would need access to:
once that is done capture that info to a file on your computer(s).
When needed take the IP address for the site you need access to and use the IP address in place of the name in your browser.
Now you can access your critical sites.
No comments:
Post a Comment