Blocking External DNS Servers Posted on February 25th, 2009 by

In the past few months we have had a number of infected computers on our network which were using DNS servers other than our own and were most likely malicious.  Thus if those computers tried to go to a site like paypal.com they could have ended up at an evil version of paypal.com that was there to steal login information.

Other infected computers have tried to pass along bad DNS servers to others on the network and get them to use the malicious DNS servers as well. This is what was causing network issues in Pittman and Sohre last night.

To help us combat this we have decided to block access to DNS servers that are not on our campus.  The OpenDNS servers are an exception to this rule.  Also, the ssh server is allowed to use any DNS server so if you need to use nslookup or dig to query external DNS servers, you can do it from there.

Unless you know something about DNS and have specifically configured your computer to not use the Gustavus DNS servers, you should not have to change anything due to this.

 

Comments are closed.