DNSwatch
What is it?
DNSwatch is a free service that will check every website address your computer is trying to access. Basically the checks are performed while you're browsing the internet, clicking a link in an email, or running a program "under the hood" trying to communicate with servers for information or updates. This service is brought to you by the MyCERT folks at CyberSecurity Malaysia.
DNSwatch will help you avoid known bad websites or sites that will trick your computer into downloading and installing malicious programs on your computer. Even better, DNSwatch will also prevent you from accessing malicious websites that you may not even know your computer is trying to access. Additionally, it also prevents nasty programs from "phoning home" and secretly communicating between your computer and cybercriminals.
How Does It Work?
When you type in the web address (or URL) in your browser and click "Go" or "Enter", your browser then will send the it to our DNSwatch. DNSwatch looks it up in a table, checks it against the list of bad websites, and if it passes, sends back the numeric IP address so your browser knows where to go to get the web page. All this process is performed in milliseconds and will not affect your browsing speed.
If DNSwatch discovers that the web address is associated with badness, you will be rerouted to the DNS Watch landing page.
Get the security you need for safe and reliable Internet surfing today
Point your DNS to 175.139.182.51
For testing purpose, make sure you are able to browse to http://landingpage.mycert.org.my
HOWTO - DNSwatch configuration/removal for:
Figure 1: Blocked malware website
DNSChanger Removal Tool
Description
Following the recent propagation of the DNSChanger malware, MyCERT has released a tool for removing the DNSChanger malware for the Microsoft Windows operating system.
The DNSChanger removal tool also includes a function to aid users to configure their DNS settings. The tool basically provides users to set their DNS to one of the following:
- Dynamic Host Configuration Protocol (DHCP)
- Google DNS (8.8.8.8)
- MyCERT DNSWatch (175.139.182.51)
- Manual configuration
More information on how to remove the DNSChanger malware is available at the following URL: http://dnschanger.detect.my/removal.html
You can also download this tool by clicking on the following URL: click here
(md5: 57670ddf8f6e9a9e614be5d0594d7cb9 )
The following screenshots show examples when using the DNSChanger Removal:
Figure 1. Main user interface
Figure 2. Removing the malware
Figure 3. Option for user to change their DNS setting
Feedback
Feel free to contact us at honeynet[at]cybersecurity.my to give feedback or comments about this tool.
MD5 Search
Description
MD5 Search is a freeware tool that is able to perform file searches based on Message Digest 5 Checksum (MD5 sum). MD5 sum is a 16-byte (128-bits) Hexadecimal number (written as 32 characters using the digits 0-9 and A-F or a-f). Example of MD5 is d41d8cd98f00b204e9800998ecf8427e.
This Windows based tool allows users to paste the MD5 sum andperform search. If the search is successful, the filename together with the location of the file will appear. This tool is useful when users do not know the filename and location of a file that they have but they have the MD5 sum.
To download this tool, please click here.
Screenshot :
Figure 1: MD5 Search