The solution to prevent the spread of the first generation Bitcoin blackmail virus WannaCrypt through self-defined domain names 01/17 Update SLTechnology News&Howtos

The solution to prevent the spread of the first generation Bitcoin blackmail virus WannaCrypt through self-defined domain names

2025-01-17 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/03 Report--

Use the DNS custom policy feature of UTMWALL or Earth Cloud Control system to create a domain name resolution, point the www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com,IP to an 80-port WEB server, point the DNS server address of the DHCP server to the local device IP, or redirect the 53/UDP traffic to the local device IP at the gateway, or modify the DNS server of the PC Windows to set it to the local device IP. It is understood that the domain name is a switch used by virus developers for internal testing. When it is to be further spread, it will first try to connect to the domain name, and if it can be connected, it will not be further scanned and spread, but because it is a foreign website, access from China may be contaminated by DNS, resulting in inability to access the WEB service at port 80, so you can modify the DNS server settings. And do custom resolution for the domain name on the DNS server to achieve the same purpose of preventing proliferation.

Note: this article is only a technical suggestion and has not been tested in the actual process of virus transmission, but this technical measure is simple and inexpensive, and is suitable for implementation in an intranet isolated from the Internet.

DNS proxy filtering-example of domain name rule settings

Http://www.trustcomputing.com.cn/help/cn/appfilter/dnsfilter/dnsruleshow.html

After the resolution is completed, you can verify it under the client's DOS:

Nslookup www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com 121.42.51.234

The latest download information of Avatar Earth DNS&URL& × × Cloud Control system:

Http://www.trustcomputing.com.cn/bbs/viewthread.php?tid=1174

Reference:

He spent dozens of yuan, and in the blink of an eye, he stopped the whole network storm from spreading!

Http://weibo.com/2549228714/F2WX61oBv

How to Accidentally Stop a Global Cyber Attacks:

Https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.