I've been a long-time user of OpenDNS. The free service allows you to add customizable content filtering for all internet activity on your network and provides extremely fast DNS look-up results, making browsing faster. OpenDNS even tracks statistics on network activity and puts it in a handy dashboard. When I logged in to my OpenDNS Dashboard recently, I noticed an alert informing me that there was "Malware/Botnet Activity Detected" on my network. The Dashboard prompted me to check my stats so that I could supposedly track down whatever malware may or may not be active on my network.
Has anyone else seen malware/botnet activity detected in their OpenDNS network stats? For those of you who may have upgraded to a paid OpenDNS account, what is the benefit of upgrading? Does it provide sufficient information to track down any potential threats on your network, or is this just a scare tactic?
Unfortunately, it is more than likely that there is some malware activity going on. I recently had an incident where I was getting the botnet/malware alert (I have been a long-time OpenDNS user of the Free Product), and by using a tcp_dump feature on my firewall found the device that was trying to phone home. It turned out it was a contractor who was using his own laptop on site. After I brought this to his attention, he used Malwarebytes to clean up his system, at which point the alerts ceased. Anyway, just my $0.02 on the matter.
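A sketch of the triage described in the comment above, added here as an example and not taken from the post or its comments: it reads tcpdump's one-line text output for port-53 traffic and counts which LAN clients asked for a domain flagged in the dashboard. It assumes the firewall's capture feature produces standard tcpdump text; the capture lines, client IPs and the domain `bad-c2.example` are constructed.

```python
import re
from collections import Counter

# Capture on the firewall/router with something like (interface is a placeholder):
#   tcpdump -n -l -i <lan-interface> udp port 53
# Only client -> resolver queries match (destination port 53, "TYPE? name.").
QUERY_RE = re.compile(
    r"IP6? (?P<src>\S+)\.\d+ > \S+\.53: \d+\S*(?: \[[^\]]*\])? "
    r"(?P<qtype>[A-Za-z0-9]+)\? (?P<name>\S+)"
)

def clients_querying(capture_text, flagged_domains):
    """Return {flagged_domain: Counter({client_ip: query_count})}."""
    flagged = {d.lower().rstrip(".") for d in flagged_domains}
    hits = {}
    for line in capture_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue  # responses and non-DNS lines are skipped
        name = m.group("name").lower().rstrip(".")
        for dom in flagged:
            # Exact match or a true subdomain; "notbad-c2.example" must not match.
            if name == dom or name.endswith("." + dom):
                hits.setdefault(dom, Counter())[m.group("src")] += 1
    return hits

# Constructed sample capture (not real traffic).
SAMPLE_CAPTURE = """\
21:14:03.120001 IP 192.168.1.23.51234 > 208.67.222.222.53: 4660+ A? www.example.org. (33)
21:14:03.150112 IP 208.67.222.222.53 > 192.168.1.23.51234: 4660 1/0/0 A 203.0.113.10 (49)
21:14:07.500433 IP 192.168.1.57.40211 > 208.67.222.222.53: 8121+ A? update.bad-c2.example. (39)
21:14:37.501020 IP 192.168.1.57.40213 > 208.67.222.222.53: 8122+ [1au] AAAA? update.bad-c2.example. (50)
21:15:07.498877 IP 192.168.1.57.40219 > 208.67.222.222.53: 8123+ A? bad-c2.example. (32)
21:15:09.000100 IP 192.168.1.23.51240 > 208.67.222.222.53: 4661+ A? notbad-c2.example. (35)
"""

if __name__ == "__main__":
    for domain, clients in clients_querying(SAMPLE_CAPTURE, ["bad-c2.example"]).items():
        for ip, count in clients.most_common():
            print(f"{ip} queried {domain} (or a subdomain) {count} times")
```

The client IP can then be matched against the router's DHCP lease table to identify the physical device.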
Yeah, it must have been a visiting family member, in which case, I may or may not be getting a phone call soon for a request to come clean up the laptop. :-)
I use several apps that will send ICMP ping requests to any given host I choose, to monitor the quality in real time of my Internet connection. These tools will show packet loss, latency, etc. I think that OpenDNS may see these as malware, botnet, etc.
I recently had a similar issue, but after all it turned out to be my modem sending out thousands of requests after I unplugged my router for the night.