[unisog] sypware control through black-hole DNS
michael.holstein at csuohio.edu
Wed Feb 1 21:31:33 GMT 2006
> There have been reports, though I don't recall seeing this recently,
> where malware will not use the locally configured recursive server(s).
> In that case, if you are allowing DNS queries to the outside world,
> then it will bypass that solution.
For a while there, various *bot variants were using dynamic DNS to
resolve their DNS servers .. making the electronic "whack-a-mole" game
we all play with the ircd exponentially more complicated.
More information about the unisog