Feds apply for DNSChanger safety net extension
Federal authorities have applied for permission to extend the operation of a safety net that allows machines infected by the DNSChanger Trojan to surf the net as normal beyond a 8 March deadline.
DNSChanger changed an infected system's domain name system (DNS) settings to point towards rogue servers that hijacked web searches and pointed surfers towards various sleazy websites, as part of a long running click-fraud and scareware punting scam. The FBI stepped in and dismantled the botnet's command-and-control infrastructure back in November, as part of Operation GhostClick. As many as 4 million machines were infected as the peak of the botnet's activity.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump