more Network Solutions and .COM blackout

[David Farber <dave () farber net>]

Begin forwarded message:

From: "Ed Gerck, Ph.D." <egerck () nma com>
Date: January 23, 2009 7:31:03 PM EST
To: dave () farber net
Cc: ip <ip () v2 listbox com>
Subject: Re: [IP] more  Network Solutions and .COM blackout

[Dave, for IP if you wish]

The problem here was not really DDoS (a known threat)  but lack of  
sufficient redundancy in the NSI infrastructure (will take time to  
fix!).  One evidence is in the IP data summary for the NSI domain name  
servers:

<http://www.robtex.com/dns/ns1.worldnic.com.html>
...
<http://www.robtex.com/dns/ns61.worldnic.com.html>
<http://www.robtex.com/dns/ns62.worldnic.com.html>
...

Another piece of evidence is that it took hours yesterday and (again)  
hours today to improve service -- there was no switch-over system that  
could dynamically divert and/or take the load. The end result is that  
even though each domain name has two domain name servers for  
redundancy (and increased resiliency to attacks), the NSI domain name  
servers are apparently /not sufficiently/ redundant for the known  
(DDoS) operational conditions. Thus, the problem was not really a  
"surprise" but a consequence of using an inadequate infrastructure for  
what should be a basic service. NSI needs to invest more on this, and  
fast. This was serious. Potentially putting out of service one hundred 
+ domain name servers, this incident possibly affected millions of  
sites for hours today and yesterday.

Best regards,
Ed Gerck

--
<www.gerck.com>





-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com