On Tue, Mar 4, 2014 at 12:33 PM, Ian McDonald <i...@st-andrews.ac.uk> wrote: > Until the average user's cpe is only permitted to use the resolvers one has > provided as the provider (or otherwise decided are OK), this is going to be a > game of whackamole. So long as there's an 'I have a clue' opt out, it appears > to be the way forward to resolve this issue. Shutting down one set of 'bad > resolvers' will simply cause a new set to be spawned, and a reinfection run > round the still-unpatched cpe's of the world.
+1. Local network resolvers/trusted providers (Google 8.8., OpenDNS), "Clue Opt Out" switch available if needed.
