lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4b6ee931041109150345f1efe5@mail.gmail.com>
From: xploitable at gmail.com (n3td3v)
Subject: Re: OT: Akamai DNS and Yahoo

On Tue, 9 Nov 2004 23:02:15 +0000, n3td3v <xploitable@...il.com> wrote:
> On Tue, 09 Nov 2004 15:17:32 -0700, John Neiberger
> 
> 
> <john.neiberger@...rstbank.com> wrote:
> >
> > I saw many references about this in the archives but I haven't seen a
> > solution to it and we just started seeing this problem. Beginning
> > sometime very recently, our DNS servers are not able to resolve
> > www.yahoo.com. I have no problem if I point my PC to an external DNS
> > server, but when I point it back at our internal servers I get timeouts
> > when trying to resolve that domain.
> >
> > A Google search turned up dozens of posts over the past few years
> > regarding people not being able to resolve www.yahoo.com, but the
> > solutions don't seem to apply to our environment. We're running a
> > version of BIND 8 on Solaris 9, and it's likely that this behavior began
> > this weekend after we applied the most recent patch cluster for Solaris
> > 9 and rebooted the server. For quite a while, all external DNS was
> > failing and we still have some odd intermittent problems but the most
> > noticable issue that is 100% reproducible is the failure to resolve
> > Yahoo addresses.
> >
> > I saw a few Usenet posts that mentioned this could be a problem with
> > Extensions for DNS and the fact that DNS replies could be larger than
> > 512 bytes. This would be a problem if you were behind a PIX firewall
> > running a certain version of software and with a certain feature
> > configured because it would drop all UDP DNS packets over 512 bytes.
> > This doesn't really fit our environment so I'm still looking for
> > answers.
> >
> > Any thoughts?
> >
> > Thanks,
> > John
> > --
> 
> Yes, yahoo had an incident with its DNS in the past week(s) with its
> dns configuration with regards of "akadns". Yahoo! security team were
> alerted my myself as soon as abnormal behaviour was reported by the
> scripts i have running on various yahoo and aka servers to get upto
> date status.
> 
> The problem first started from what I monitored from Yahoo! having the
> address in the address bar as "yahoo.akadns.com" to Yahoo! serving a
> blank HTML/PHP as the homepage, while still showing "Yahoo!" as the
> HTML title of the homepage document. (proving my network was not at
> fault from network disruption, yahoo and more focused akadns was to
> blame for the spate of outages one day in the past week(s).)
> 
> I'll talk to you further in private if you wish, or on the list
> 
> ....
> 
> Thanks, n3td3v
> 
> http://www.geocities.com/n3td3v
> 
> I'm a security enthusiast
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ