[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4b6ee93104110915053c3c3b8c@mail.gmail.com>
From: xploitable at gmail.com (n3td3v)
Subject: Re: OT: Akamai DNS and Yahoo
On Tue, 9 Nov 2004 23:03:20 +0000, n3td3v <xploitable@...il.com> wrote:
> On Tue, 9 Nov 2004 23:02:15 +0000, n3td3v <xploitable@...il.com> wrote:
>
>
> > On Tue, 09 Nov 2004 15:17:32 -0700, John Neiberger
> >
> >
> > <john.neiberger@...rstbank.com> wrote:
> > >
> > > I saw many references about this in the archives but I haven't seen a
> > > solution to it and we just started seeing this problem. Beginning
> > > sometime very recently, our DNS servers are not able to resolve
> > > www.yahoo.com. I have no problem if I point my PC to an external DNS
> > > server, but when I point it back at our internal servers I get timeouts
> > > when trying to resolve that domain.
> > >
> > > A Google search turned up dozens of posts over the past few years
> > > regarding people not being able to resolve www.yahoo.com, but the
> > > solutions don't seem to apply to our environment. We're running a
> > > version of BIND 8 on Solaris 9, and it's likely that this behavior began
> > > this weekend after we applied the most recent patch cluster for Solaris
> > > 9 and rebooted the server. For quite a while, all external DNS was
> > > failing and we still have some odd intermittent problems but the most
> > > noticable issue that is 100% reproducible is the failure to resolve
> > > Yahoo addresses.
> > >
> > > I saw a few Usenet posts that mentioned this could be a problem with
> > > Extensions for DNS and the fact that DNS replies could be larger than
> > > 512 bytes. This would be a problem if you were behind a PIX firewall
> > > running a certain version of software and with a certain feature
> > > configured because it would drop all UDP DNS packets over 512 bytes.
> > > This doesn't really fit our environment so I'm still looking for
> > > answers.
> > >
> > > Any thoughts?
> > >
> > > Thanks,
> > > John
> > > --
> >
> > Yes, yahoo had an incident with its DNS in the past week(s) with its
> > dns configuration with regards of "akadns". Yahoo! security team were
> > alerted my myself as soon as abnormal behaviour was reported by the
> > scripts i have running on various yahoo and aka servers to get upto
> > date status.
> >
> > The problem first started from what I monitored from Yahoo! having the
> > address in the address bar as "yahoo.akadns.net" to Yahoo! serving a
> > blank HTML/PHP as the homepage, while still showing "Yahoo!" as the
> > HTML title of the homepage document. (proving my network was not at
> > fault from network disruption, yahoo and more focused akadns was to
> > blame for the spate of outages one day in the past week(s).)
> >
> > I'll talk to you further in private if you wish, or on the list
> >
> > ....
> >
> > Thanks, n3td3v
> >
> > http://www.geocities.com/n3td3v
> >
> > I'm a security enthusiast
> >
>
correction: yahoo.akadns.net
Powered by blists - more mailing lists