View topic - OpenDNS and Botnets - Windows, Apple, Application, Abandonware and Game Beta Downloads/Repository

ken27238 · **Post subject:** OpenDNS and Botnets **Posted:** Wed May 16, 2012 3:58 pm

so i use OpenDNS and today i when and logged into my account and on my dashboard its saying that my laptop has a botnet. so I ran Malwarebytes and i am going to be running MSE but so far there is nothing. could it be a false positive?

(also the OpenDNS software says that someone else is using my IP address)

mattnotley2004 · **Post subject:** Re: OpenDNS and Botnets **Posted:** Thu May 17, 2012 8:56 am

Are you using a static or dynamic IP address through your ISP?

Double check your IP details on OpenDNS match up with your actual IP address.
You may need to login to your router to confirm, or visit www.whatismyip.com

I'm guessing the OpenDNS software isn't able to "phone home" correctly, and isn't matching your IP address against your account.

ken27238 · **Post subject:** Re: OpenDNS and Botnets **Posted:** Thu May 17, 2012 1:44 pm

mattnotley2004 wrote:

Are you using a static or dynamic IP address through your ISP?

Double check your IP details on OpenDNS match up with your actual IP address.
You may need to login to your router to confirm, or visit http://www.whatismyip.com

I'm guessing the OpenDNS software isn't able to "phone home" correctly, and isn't matching your IP address against your account.

IP address is back to normal now, but the OpenDNS dashboard still says I have malware on my system

and I have ran Malwarebytes and MSE but they found nothing. is this a false positive or is there anything else I can run to fix this problem?

this is a screenshot of the top requested domains from May 3rd to the 16th:

I am unable to go back to the date of the original request (April 28th) since I do not have a pro account. could it be because of these it was flagged as malware?

mattnotley2004 · **Post subject:** Re: OpenDNS and Botnets **Posted:** Fri May 18, 2012 12:17 pm

You may not have malware on your system.
It's possible someone else on your network has malware, or even a fault on OpenDNS's systems - giving you completely false data.

Does your ISP provide you with a static IP address, or is it dynamic?
Are you running Dynamic DNS on your router?
Are there any other users connected to your WiFi/Router?

Try changing your WiFi password, maybe someone knows your password.

There are still a number of possibilities, unfortunately it's a bit hard to narrow down without knowing your setup.

ken27238 · **Post subject:** Re: OpenDNS and Botnets **Posted:** Fri May 18, 2012 4:50 pm

mattnotley2004 wrote:

You may not have malware on your system.
It's possible someone else on your network has malware, or even a fault on OpenDNS's systems - giving you completely false data.

Does your ISP provide you with a static IP address, or is it dynamic?
Are you running Dynamic DNS on your router?
Are there any other users connected to your WiFi/Router?

Try changing your WiFi password, maybe someone knows your password.

There are still a number of possibilities, unfortunately it's a bit hard to narrow down without knowing your setup.

ISP give me a dynamic address

no I am not running dynamic dns on my router

our desktop computer is connected via Ethernet to my router, sometimes.

Concrete Donkey · **Post subject:** Re: OpenDNS and Botnets **Posted:** Tue Jun 05, 2012 5:51 am

If you've scanned all of the machines on your network then it should be fine. I've had OpenDNS report that their was botnet activity but in fact they incorrectly flagged the Dell website, also it could have been part of a drive by download that OpenDNS blocked and simply flagged as a known domain for a botnet C&C server.

Forum rules

OpenDNS and Botnets

Who is online