Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Applications > Mac Applications and Mac App Store

Reply
 
Thread Tools Search this Thread Display Modes
Old Oct 7, 2010, 05:04 PM   #101
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
In terms of the DNS service it provides, OpenDNS should be fine. Given your alternative is Google, both services will have an advertising component to the service.

Just don't overly rely on the anti-phishing services it provides. Given that Google Public DNS does not include content filtering or anti-phishing services, it should be faster and less intrusive.

I looked into Google Public DNS and I would choose google over OpenDNS because it does not require you to sign up AFAIK. Also, PhishTank or Google Safe Browsing anti-phishing databases are integrated into most browsers so you already most likely have that functionality. I believe Safari uses Google Safe Browsing.
__________________
Mac Security Suggestions

Last edited by munkery; Oct 7, 2010 at 05:19 PM.
munkery is offline   0 Reply With Quote
Old Oct 8, 2010, 08:25 AM   #102
TaylorJ
macrumors regular
 
Join Date: Jan 2010
Thanks for your replies. Dont know how to multiquote so I'l try to answer peoples comments.

1.) my router does require a password to login. ATM I'm not sure if its the same password as my wifi password, it is very strong never the less. I'm not saying its unhackable, which is impossible, but theres a strong change it wont get hacked.

2.) I havent had the probem again so far, but this tends to happen. It goes away for a few days. Next time it happens you want me to reset the router? As in restore to factory defaults? or just a quick power reset?

If I do a quick factory reset, does that mean I need to connect my printer to my router once again? That was a pain. (printer has wifi and isnt connected to anything)
TaylorJ is offline   0 Reply With Quote
Old Oct 8, 2010, 12:10 PM   #103
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
If the issue is malware on your router, then the only solution is a factory reset. But, if it is password protected, malware is unlikely the issue. A factory reset would include reconfiguring everything from scratch.

How do you login to make changes to settings if you don't what the password is? The only routers that I know of that store the password in keychain are apple routers.

The problem also could be from your ISP not having good security against DNS cache poisoning. An alternative DNS provider, such as Google Public DNS, may be a solution.
__________________
Mac Security Suggestions

Last edited by munkery; Oct 8, 2010 at 02:04 PM.
munkery is offline   0 Reply With Quote
Old Oct 8, 2010, 01:09 PM   #104
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by TaylorJ View Post
Dont know how to multiquote
To multiquote, click for every post you want to quote, then click .
GGJstudios is offline   0 Reply With Quote
Old Nov 29, 2010, 04:36 PM   #105
thaumaturgy
macrumors newbie
 
Join Date: Nov 2010
I know this is a stale old thread, but I came across it while researching a similar issue on a client's MacBook. I own a small I.T. consulting business in California with about 200 clients; we handle PCs and Macs and everything else for businesses and individuals.

First, in case anyone else comes across this thread through Google, it does not look like an issue with the Mac itself. Resetting your home DSL/Cable/Other modem or router is probably the right thing to do. For people that aren't aware, routers can have two passwords: one to access the wireless network, but a different one to access the administration areas of the router. Having a strong wireless password does not protect your router.

On this system, I'm seeing a lot of redirects and references to drvtrf.com in the user's history in both Safari and Firefox, but there's no indication that anything's amiss anywhere in the System Settings or the BSD subsystem (nothing in crontab; nothing in the hosts file; no strange routes; nothing in "/Library/Internet Plug-Ins"; no funky Safari or Firefox extensions; etc). If there's anything hiding in this thing, I can't find it (and neither can MacScan). So, it's probably not a Mac problem.

That said, the idea that a Mac can't be infected just by clicking on a link on a website is completely false. In fact, it's been done -- at least twice, publicly -- to win prize money. The experts here need to consider for a moment the implications from a security researcher like Charlie Miller being able to keep a remote exploit vulnerability for Safari a secret for over a year. Do you really think there's only one such vulnerability? The only remaining thing that a motivated attacker would need is a privilege escalation exploit, and those show up all the time for Linux and, less commonly, BSD -- so those almost certainly exist in the MacOS as well. A remote browser exploit combined with a privilege escalation vulnerability means that an attacker can install whatever they want, without the user's knowledge, just by getting the user to click on a link or visit a website.

I'm not a Mac-hatin' Windows tech, either; I've used Macs since System 7.5, done development work on them, and reverse-engineered software on them. They're just tools. They aren't perfect. They aren't invulnerable. You do a disservice to people to make them think they are. (Anybody remember the iPhone SMS of doom?) If attackers are targeting Linksys and Netgear routers now, then Macs can't be far behind, and the fact that so many people think they're invulnerable is only going to make the first hit that much more devastating.

I'd also like to remind other techs and professionals that users don't care about the difference between a virus, a worm, and a trojan. They just come to us with problems because we have more background in this technology than they do. They don't need -- or want -- a lecture about the intricacies of terminology any more than we would in taking our car to the shop and complaining about a bad throttle body on an MPFI engine or in calling pest control to deal with flies that are actually gnats. We get positive feedback from new clients all the time that have tried other tech services and been frustrated because the techs made them feel stupid, or weren't helpful, or were argumentative. Being friendly and helpful shouldn't be exceptional in this industry.

Thanks.
thaumaturgy is offline   2 Reply With Quote
Old Nov 29, 2010, 08:52 PM   #106
Gregg2
macrumors 601
 
Join Date: May 2008
Location: Milwaukee, WI
Quote:
Originally Posted by thaumaturgy View Post
the idea that a Mac can't be infected just by clicking on a link on a website is completely false. In fact, it's been done -- at least twice, publicly -- to win prize money.
Anyone taking the bait?
Gregg2 is offline   0 Reply With Quote
Old Nov 29, 2010, 09:17 PM   #107
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by thaumaturgy View Post
The experts here need to consider for a moment the implications from a security researcher like Charlie Miller being able to keep a remote exploit vulnerability for Safari a secret for over a year. Do you really think there's only one such vulnerability?
No OS is immune to malware or hacking attacks. However, the likelihood of the average Mac user being attacked by an accomplished hacker like Charlie Miller is ridiculously remote. It simply doesn't happen in everyday use. Could it happen? Sure! A tornado could pull my cellphone out of my pocket and throw it against objects in such a way as to dial my local pizza delivery service.... but I'm not holding my breath!
Quote:
Originally Posted by thaumaturgy View Post
The only remaining thing that a motivated attacker...
That's the issue. There's no motive to attack the average user's computer. Charlie was motivated because it was a controlled contest and the prize was money, notoriety, bragging rights and a new Mac. The average hacker isn't being offered those things to go after the average Mac user.
Quote:
Originally Posted by thaumaturgy View Post
They're just tools. They aren't perfect. They aren't invulnerable. You do a disservice to people to make them think they are.
Right. They're less-than-perfect tools. No one is suggesting that they're invulnerable.
Quote:
Originally Posted by thaumaturgy View Post
I'd also like to remind other techs and professionals that users don't care about the difference between a virus, a worm, and a trojan.
If they want to be protected, they should know the difference. Computers are technical devices. It takes reading and learning to know how to properly use hardware and software. It takes no less to learn how to guard against malware and myths.
Quote:
Originally Posted by thaumaturgy View Post
They don't need -- or want -- a lecture about the intricacies of terminology ...
A simple explanation of the basic malware terminology and concepts is hardly a lecture and certainly not intricacies.

There is a lot of misinformation, hype and hysteria being spread over the web about viruses as they relate to Macs. The best defense is understanding the basic truths.
GGJstudios is offline   0 Reply With Quote
Old Nov 30, 2010, 03:00 AM   #108
gnasher729
macrumors G5
 
gnasher729's Avatar
 
Join Date: Nov 2005
Quote:
Originally Posted by TaylorJ View Post
1.) my router does require a password to login. ATM I'm not sure if its the same password as my wifi password, it is very strong never the less. I'm not saying its unhackable, which is impossible, but theres a strong change it wont get hacked.
Basically to everyone: Just change the router password to anything other than the password that the manufacturer has set. _If_ a hacker finds a way to break into one model of router by knowing the username and password used by the router (has nothing to do with your computer, whether Mac or PC, at all), then they will try to attack blindly all the routers, using the username and password that the manufacturer used. By just using changing the password, you will be hundred times safer. Nobody will bother trying to crack your password if there is a gazillion routers still out there with the default password.
gnasher729 is offline   0 Reply With Quote
Old Nov 30, 2010, 04:37 AM   #109
thaumaturgy
macrumors newbie
 
Join Date: Nov 2010
Quote:
Originally Posted by GGJstudios View Post
No OS is immune to malware or hacking attacks. However, the likelihood of the average Mac user being attacked by an accomplished hacker like Charlie Miller is ridiculously remote. It simply doesn't happen in everyday use. ... There's no motive to attack the average user's computer. Charlie was motivated because it was a controlled contest and the prize was money, notoriety, bragging rights and a new Mac. The average hacker isn't being offered those things to go after the average Mac user.
This'll be my last comment on this subject.

Charlie isn't the only hacker out there. Malware has gone commercial; botnets and fraud are profitable. Given that recent estimates put Apple's U.S. consumer market share at somewhere in an impressive 20% - 25% range, and given that Apple claims to have around 50 million Mac users, and growing steadily -- and given that so, so many of those users are consistently receiving bad advice from "experts" claiming that they don't have to worry about malware on Macs -- the question is not "if", but "when" there will be a nasty worm, virus, or other malware targeting the Mac platform. As the Windows security model continues to improve, at last, the Mac platform is going to become the new low-hanging fruit.

Hell, Wordpress has a smaller total market than Apple does, and there are plenty of Wordpress-specific worms in the wild; I've had to clean up some of them. Claiming that it won't be a problem because there's no motivation is ... silly, and contrary to the opinions of most of the people working in the computer security field.

When malware starts to target the Mac, shops like mine are going to get busier, which sucks, because that's really not how I prefer to meet people, and I really dislike having to explain that they've been given bad advice.
thaumaturgy is offline   1 Reply With Quote
Old Nov 30, 2010, 06:11 AM   #110
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by thaumaturgy View Post
the question is not "if", but "when" there will be a nasty worm, virus, or other malware targeting the Mac platform.
I'll just quote what I've already said in the link I posted on this topic:
Quote:
Originally Posted by GGJstudios View Post
Since no OS, including Mac OS X, is immune to malware threats, this situation could change at any time, but if a new virus is discovered, the news media, forums, blogs, etc. will be instantly buzzing with the news.

Having virus protection software on your Mac is pointless, as far as protecting your Mac from viruses, since current antivirus software cannot detect a Mac virus that doesn't yet exist, because they simply don't know what to look for.

The bottom line is this: as a Mac user, your chances of being affected by a virus, trojan or other malware are extremely slim, unless you've been careless about where you get software and when you enter your administrator password.
Those statements still stand. There's no need to run around scaring users, saying "the sky is falling!" Mac users DON'T have to worry about malware that doesn't exist. The few threats that are out there are trojans, which are easily avoided. There are so few malware threats in the wild that can have an effect on Mac OS X, that identifying a new one will have the news and forums talking about it, alerting Mac users very quickly. Defenses will be created and Mac users will be protected. Even Charlie Miller's attack is being patched before details are released in the wild.

Are Macs immune? No. Are Macs reasonably safe? Yes!
GGJstudios is offline   0 Reply With Quote
Old Dec 10, 2010, 03:50 PM   #111
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
Quote:
Originally Posted by thaumaturgy View Post
That said, the idea that a Mac can't be infected just by clicking on a link on a website is completely false. In fact, it's been done -- at least twice, publicly -- to win prize money. The experts here need to consider for a moment the implications from a security researcher like Charlie Miller being able to keep a remote exploit vulnerability for Safari a secret for over a year. Do you really think there's only one such vulnerability? The only remaining thing that a motivated attacker would need is a privilege escalation exploit, and those show up all the time for Linux and, less commonly, BSD -- so those almost certainly exist in the MacOS as well. A remote browser exploit combined with a privilege escalation vulnerability means that an attacker can install whatever they want, without the user's knowledge, just by getting the user to click on a link or visit a website.
Arbitrary code execution allows the attacker to take control over the vulnerable process with the level of privileges of the process which is usually that of the user. For example, Safari has the current user's level of privileges.

Privilege escalation is possible if a component (kernel or DLL) of the OS with elevated privileges is accessible by the compromised process but only if that component also has a vulnerability that is exploitable. Not all vulnerabilities are exploitable (roughly 25%).

Therefore, both the arbitrary code execution exploit and the privilege escalation exploit have to be linked together in a logical manner. This is the difficult part; finding a string of exploits.

Even Charlie Miller admits that kernel exploitation is difficult in the following quote from this 2010 interview:

Quote:
macxues: Have you ever written Mac OS kernel exploits?

Charlie Miller: Nope, no kernel exploits against any OS for me. That stuff is too hard
Given that such local exploits are rare for Mac OS X (none known in 2010 and 3 in 2009), the statistical odds of finding a working string of exploits for Mac OS X is not trivial; especially, when compared to the potential to find such strings in Windows.
__________________
Mac Security Suggestions

Last edited by munkery; Dec 10, 2010 at 04:02 PM.
munkery is offline   0 Reply With Quote
Old Jan 17, 2011, 09:54 PM   #112
Cparker89
macrumors newbie
 
Join Date: Jan 2011
My mac keeps redirecting me to unwanted websites

For a few months now, most times I attempt to log on to facebook.com I get redirected to some sort of wiki website. Today, I tried to go to verizonwireless.com. Instead, I was redirected to The Washington Post. The weird thing is that on the link bar, the website I wanted to go to is still there. Look at picture below:: Click image for larger version

Name:	redirect.png
Views:	54
Size:	555.2 KB
ID:	267810 Is there a way to fix this?
Cparker89 is offline   0 Reply With Quote
Old Jan 17, 2011, 10:33 PM   #113
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
Quote:
Originally Posted by Cparker89 View Post
For a few months now, most times I attempt to log on to facebook.com I get redirected to some sort of wiki website. Today, I tried to go to verizonwireless.com. Instead, I was redirected to The Washington Post. The weird thing is that on the link bar, the website I wanted to go to is still there. Look at picture below:: Attachment 267810 Is there a way to fix this?
This previous post from the thread may help.
__________________
Mac Security Suggestions
munkery is offline   0 Reply With Quote
Old Feb 7, 2011, 06:11 PM   #114
Piccolopunk
macrumors newbie
 
Join Date: Feb 2011
Running "dscacheutil -flushcache" through Terminal solved all my problems, which were exactly like many described here. (mine is fully updated to my knowledge)
Piccolopunk is offline   0 Reply With Quote
Old Feb 7, 2011, 11:17 PM   #115
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
Quote:
Originally Posted by Piccolopunk View Post
Running "dscacheutil -flushcache" through Terminal solved all my problems, which were exactly like many described here. (mine is fully updated to my knowledge)
This will only be a permanent fix if your DNS cache was poisoned by bad configuration. If the DNS cache was poisoned by malware in your router, the issue will return.
__________________
Mac Security Suggestions
munkery is offline   0 Reply With Quote
Old Aug 15, 2011, 05:39 PM   #116
CLS4690
macrumors newbie
 
Join Date: Aug 2011
Probable Solution

Hello all. I was looking through these different theories about DNS and viruses/malware, etc etc etc.

Fortunate for me, my friend and I have the exact same router with the exact same ISP. Only difference is that his router is on the default access settings while I created a different password for the control panel. Oddly enough, I only really noticed the google redirect or redirecting issue at his house...

Then I figured, ok, www.google.com is supposed to take me to the Google Website's server(s) at 74.125.127.99. So I typed 74.125.127.99 into my browser and got to google. I then searched something and all the results were correct and the URLs were correct.

Remembering the default login info for our routers, I logged into his router and upgraded the firmware. Once I did so, I restored default settings (can be accomplised via the control panel software or via holding the reset button with a paper clip for about 20 seconds).

After reconnection, the problem was gone and (I bet) will stay gone.

This problem was occurring on my 3 year old macbook, my friend's BRAND NEW macbook pro, and his brother's new macbook, all using Firefox. No sense why it didn't happen in Safari, but oh well.

To solve the problem:
-upgrade your router firmware
-reset/restore your router to default settings
-change the password for your router's control panel (not the WEP/WPA/"Wifi" password)
CLS4690 is offline   0 Reply With Quote
Old Jan 10, 2013, 09:06 PM   #117
xochipilli
macrumors newbie
 
Join Date: Jan 2013
I'm inclined to agree with the previous post.

I have been fiddling with my router and DNS settings last week and I get this 'redirect error' from Google News only, to my knowledge.

Plus, I've been playing with the config settings in Firefox as well and I suspect I may have got a little carried away following online tutorials a wee too much.

I will reset my router, rePRAM my mac and then I may return with results.
xochipilli is offline   0 Reply With Quote
Old May 26, 2014, 10:00 AM   #118
DanaNent
macrumors newbie
 
Join Date: May 2014
google / yahoo redirect

Hi!

I have this horrible yahoo redirect virus (trojan?) on my mac. Tried antivirus programs, updating the mac to mavericks, resetting the browsers (safari and firefox)... The problem is still there.... slow loading of pages and some not opening. (sometimes!) I'm not quite an expert so i really hope someone here can give me some tips. Under my dns there is a blank field. Under the finder go /etc i found 3 filenames containing 'host'. Two of them (hosts and hostconfig) have no search engine filenames and the other one i cannot open..(hosts/equiv)
Anyone there who knows what to do with this?

thanks a lot!

Dana
DanaNent is offline   0 Reply With Quote
Old Jun 9, 2014, 12:46 AM   #119
jmmx
macrumors newbie
 
Join Date: Jan 2008
safari malware?

Check your extensions - you may have malware

Go to the safari folder in your Library - archive folder Extensions
Delete the original Extensions folder
Restart Safari

Run better? -> get new extensions ONLY from Apple Safari page
NO? -> unarchive the Extensions.zip

This fixed my propel. A little worried about what happened. I should take it in to G Bar I suppose since the old extensions are in the zip file still.
---

This may work for other browsers as well
jmmx is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Applications > Mac Applications and Mac App Store

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
I think my mac as a virus PLEASE HELP houssein31 Mac Applications and Mac App Store 4 Mar 15, 2014 12:14 PM
The First Mac Virus? What do you think? Traverse OS X 10.8 Mountain Lion 6 Jun 4, 2013 05:02 PM
My homepage keeps redirecting to Google Pakistan kiddk1 OS X 10.8 Mountain Lion 16 Mar 23, 2013 07:57 PM
So my Mac just got a virus... Oral B OS X 4 Mar 10, 2013 06:25 AM
Virus on my Mac statesmire Mac Basics and Help 9 Nov 27, 2012 02:38 PM

Forum Jump

All times are GMT -5. The time now is 02:12 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC