Spyware, viruses, & security forum: Changing your router or dsl modem DNS IP address

This post is in response to the very active thread posted by Barbara re Fact or Fiction; People could lose their internet connection in July here: http://forums.cnet.com/7723-6132_102-562374/fact-or-fiction-people-could-lose-their-internet-connection-in-july/?tag=contentBody;threadListing sponsored by Lee Koo (Admin) CNET

As CNET does impose a space limitation on the number of responses on a given topic, I thought it best to begin a new how-to topic to reset DNS settings on your own router or dsl modem to avoid the loss of internet connectivity if you have the DNS Changer trojan on your router. I will provide for free a lisiting of the IP addresses you need, using free and available DNS IP (Internet Protocol Addresses) that are hosted by reputable vendors.

This is because the thread started by Barbara has yet to make available to others a step-by-step guide on securing your router or modem, and how securing your device will thus prevent unwanted changes to your internet connectivity, now and in the future, and the linked post above also has yet to go into the depth necessary on how to make these changes with any real clarity.

How to secure your modem or router:

1.) Many home users (read average computer user) are unaware of the fact that the router or dsl modem they use to connect to the home network or internet comes with a set of default settings created by the vendor of that device. The most common settings used are 'admin' for the administrator name, and 'password' to secure the device against outside attack or intrusion. This practice is industry-wide, and because of this, allows an outside hacker to directly change the settings within the device without the user knowing about it.

More commonly, a hacker will devise a malware script or executable that will make these changes automatically without user intervention. With social engineering (an email attachment purporting to be something else, but is actually a trojan in disguise) it is not necessary for the hacker to personally visit each device in question, but to merely send out this malware and have the user execute it when they open the attachment, as an example.

2.) Obviously, the administrator name must be changed from default to something else. And the password for securing the administrator account must be changed as well. When changing the administrator name from 'admin', you must use a name not easily guessable from the outside, and the same would be true for the password. Use a multi-character string for the password, such as (example) %rrTq20o+:2Y. Whatever you do, write both of them down. This will allow only you to make changes to your router or dsl modem. My dsl modem only allows fifteen characters to be entered, but the more you can enter the better off you will be.

3.) Gaining access to an unsecured router or dsl modem is very simple.

Open a browser (does not matter what you use, can be Internet Explorer, Firefox, Google Chrome, or any of the ilk) and type in 192.168.0.1 in the address box where a web site name and additional link information normally appears. Press enter to see your device specification page. A new web page will open containing the vendor name and various options involving the settings inside the router or dsl modem. If this does not work, then some other variation of an IP address specific to that make and model must be entered. Googling the vendor page usually is sufficient to obtain the needed IP address to access.

4.) Once you are in your configuration page, look for an advanced setup section, and go to the section usually marked as "Security". The exact wording will vary between vendors and make and model, and the device used. What you want is the section underneath marked "Administrator password"or something similar. If you are in the right place, you will see, indeed, that the default administrator name is 'admin' and the password for admin is 'password' or 'pswd'. The password section may be dotted out in a similar manner as when you would log in to your Windows system, but you can trust me, the word underlying those dots is 'password' or something similar.

5.) Change these two words to whatever you like and click apply. If done properly, and you wrote the new words down, the modem or router will reset and a new page will appear where you now need to enter the new words or characters to get in once again.

Your modem or router is now secure.

Changing the default DNS settings:

1.) Now that your device is secure, you need to re-enter your configuration page once again as above, and enter the new administrator name and password. Usually you must click apply to enter.

2.) Depending on the vendor, the section you want is the WAN (Wide Area Network) settings under, you guessed it, Advanced Settings or Setup. Click WAN under IP addressing or similar to enter. Scroll down to where you can see something related to changing your DNS settings. Default settings for DNS is almost always set to dynamic. There should be an option to change to static. What changing this setting does, is tell your router or modem to use the new IP addresses (there are two) instead of the ones DNS Changer trojan or your Internet Provider have assigned to you.

A quick look here using Google will show many available new IP addresses you can put here: http://www.google.com/#hl=en&sugexp=cqn%2Ccconf%3D0.95%2Cmin_length%3D2%2Crate_low%3D0.006%2Crate_high%3D0.006&gs_nf=1&gs_mss=dns%20ip%20addresse&cp=16&gs_id=10a&xhr=t&q=dns+ip+addresses&pf=p&sclient=psy-ab&oq=dns+ip+addresses&aq=0&aqi=g1g-v3&aql=f&gs_l=&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.,cf.osb&fp=aa8b317ec80710f&biw=1280&bih=828

All of the listings provided on the first page are rated as safe to visit by WOT (World Of Trust).

You are free to peruse and learn as much about this task as much as you wish.

Google provides the following static DNS IP addresses:

8.8.8.8

8.8.4.4

Open DNS (another reputable DNS vendor) provides these numbers, also static DNS IP addresses:

208.67.222.222

208.67.220.220

You can visit Open DNS here: http://www.opendns.com/

If you scroll down to the bottom of this page, you will see a link (provided here: http://blog.opendns.com/2012/05/03/opendns-cloudflare-dnschanger-solution-or-how-to-not-lose-internet-on-july-9/ )
that will provide a step-by-step guide on how to make the static DNS IP address changes specific to the device you own here: https://store.opendns.com/setup/router/

While not comprehensive and all inclusive, my guide should show why the need to secure your device is necessary and not that hard to do; and why securing your device is proactive rather than reactive.

I have changed my modem settings manually to Open DNS sometime ago; and am quite satisfied with the results and security this change has brought.

You are free to choose whatever DNS vendor you wish. For most users, merely securing your device is enough.

If you write down the original settings, you can always revert back to the default settings, just so you know.

All links provided are in original form and syntax, no shortened url's are ever used, so no surprises lurk anywhere for the unsuspecting user.

Hope this helps.