Protection from VPNFilter


1 comment

  • Avatar
    rotblitz (Edited )

    "Can I protect myself from VPNFilter by doing the following?"

    Rather not.  And not yourself, but your router or NAS.

    Only if your router or NAS is already infected, the factory reset in your first point does help to remove the malware.  It does not help to protect your device against VPNFilter going further.

    These additional steps help to protect your device:

    1. Upgrade to the latest firmware: Linksys * Netgear * MikroTik * QNAP * TP-Link
    2. Change the default admin passwordLinksys * Netgear * MikroTik * QNAP * TP-Link
    3. Disable Remote Administration: Linksys * Netgear * MikroTik * QNAP * TP-Link

    At least the first two points are anyway viable for most of such devices, and the third point if you do not need to access your device remotely.

    Regarding your point 2 to use OpenDNS: the FBI has already seized control over the domain which is a sinkhole now, and it does not look like that is involved.  And blocking the domains with OpenDNS would help in case only where a device is already infected and FBI hadn't taken control of the domain.  It does not help to protect your device from new infections by VPNFilter.

    "My question is really whether or not using OpenDNS to block those domains would be effective."

    Said the above, no, it would not be effective in specific regards of VPNFilter.  But certainly else.

    "Would it be worth also blocking proxy/anonymizers?"

    As you want.  But this is irrelevant in regards of VPNFilter too.

    Comment actions Permalink

Please sign in to leave a comment.