Some ISPs are performing internal redirection. Some, in fact, have been doing it since the takedown last November.
The redirection has to stop at some point. And keep in mind, most of the systems infected with DNSchanger have other malware running on their boxes, so keeping those systems up indefinitely is actually not a good thing. Andy Andrew Fried andrew.fr...@gmail.com On 7/6/12 5:40 PM, Jay Ashworth wrote: > So... might large and medium ISPs not redirect DNS to those known addresses > to a resolver in house, which would log the client IPs and let them > know whom to address? > > Cheers, > -- jra
