Way OT... Anyone having DNS Problems today?

Glenn Steen glenn.steen at gmail.com
Fri Dec 8 21:34:06 GMT 2006


On 08/12/06, Ken Goods <KGoods at aiainsurance.com> wrote:
> Martin Hepworth wrote:
> > Ken Goods wrote:
> >> We're experiencing an issue where about 50% of the sites we try to
> >> visit will not come up and about the same amount are returning
> >> emails as undeliverable. I can get to Google, MSN, and a few others
> >> but not to Amazon, yahoo, etc.. etc...
> >>
> >> Almost looks like DNS poisoning because the error message I get is
> >> from an Apache system and not the usual one I would normally get
> >> from our proxy server.
> >>
> >> Has anyone else noticed anything strange with DNS this morning?
> >>
> >> TIA,
> >> Ken
> >>
> >> Ken Goods
> >> Network Administrator
> >> AIA/CropUSA Insurance, Inc.
> >>
> > Ken
> >
> > opendns is under attack for the last few days. also one of the RBL's
> > has been having problems over last night....
> >
> > --
> > Martin Hepworth
> > Senior Systems Administrator
> > Solid State Logic
> > Tel: +44 (0)1865 842300
> >
> > **********************************************************************
> >
> > This email and any files transmitted with it are confidential and
> > intended solely for the use of the individual or entity to whom they
> > are addressed. If you have received this email in error please notify
> > the system manager.
> >
> > This footnote confirms that this email message has been swept
> > for the presence of computer viruses and is believed to be clean.
> >
> > **********************************************************************
>
> Thanks Martin,
> Upon looking closer at the DNS cache I noticed a lot of entries with A
> records pointing to 64.34.222.20 making me think it was DNS poisoning. But
> after clearing the DNS cache I'm still having problems with a few sites. I'm
> still not sure exactly what's going on because I get error trying to display
> yahoo.com:
>
> Not Found
> The requested URL / was not found on this server.
> ----------------------------------------------------------------------------
> ----
> Apache/1.3.34 Server at www.yahoo.com Port 80
>
> Which I also get on cnn.com and who knows how many others, but in looking at
> the cache the ip's for yahoo's nameservers appear to be correct now (after
> clearing the cache and restarting DNS). I guess the next step would be to
> reboot that machine just to make sure it's not the culprit.
>
> Thanks again for your input.
> Kind regards,
> Ken

You mention a proxy, so... look long and hard at that one (not just DNS cache).
Also, what's your upstream, in regard to DNS? Using any generic
forwarders? Might be them being "poisoned" too...

-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se


More information about the MailScanner mailing list