dns hijack
I'm wondering if anyone else has seen this recently.
There is a Mac Pro here at my work running 10.5.3 that appears to have a DNS hijack going on. When I force a DHCP renew, the DNS settings point to our DNS servers. After about 30 seconds or a minute, they change to 85.255.116.30 and 85.255.112.19. This literally happens right in front of my eyes without me clicking on anything. I can't delete them without going to a static IP. Once the DNS settings change, I can't ping internal websites nor a number of external ones (including Apple...heh).
I googled those IP address and a number of pages comes up from anti spyware sites with infected registries on Windows machines. Any ideas? If not, the machine will get reimaged tomorrow but I'd prefer to find a fix incase I see this again.
There is a Mac Pro here at my work running 10.5.3 that appears to have a DNS hijack going on. When I force a DHCP renew, the DNS settings point to our DNS servers. After about 30 seconds or a minute, they change to 85.255.116.30 and 85.255.112.19. This literally happens right in front of my eyes without me clicking on anything. I can't delete them without going to a static IP. Once the DNS settings change, I can't ping internal websites nor a number of external ones (including Apple...heh).
I googled those IP address and a number of pages comes up from anti spyware sites with infected registries on Windows machines. Any ideas? If not, the machine will get reimaged tomorrow but I'd prefer to find a fix incase I see this again.
MacBook Pro, Mac OS X (10.5.3), 15" - 2.2 Ghz