On Wed, Jan 24, 2001 at 06:01:29AM -0500, Greg A. Woods wrote:
[ On Wednesday, January 24, 2001 at 13:09:45 (-0800), Roeland Meyer wrote: ]
Subject: RE: Microsoft spokesperson blames ICANN
From our efforts, it is not at all surprising that someone, at MSFT, munged the DNS configuration, totally. Even their best guru could have done it, due to the murky nature of the config. I suspect that there are less than 100 ppl that could even have a clue, in this area, and they don't all have the same pieces of clue.
{OBofftopic: hmm, look at the two timestamps, above. did greg reply to roeland's e-mail before it was written?} by now i think we are realizing that it's probably more of some kind of server-level/network-level attack, and not a DNS phuque-up. i got plenty o'pings earlier without nary a drop, although the nameservers didn't reply. {Important Point:} nevertheless:
That's absolutely idiotic (of M$, that is !;-). Even more idiotic than putting all their nameservers in one basket, so to speak.
I'd bet any high-school kid who had any experience whatsoever at installing Linux or FreeBSD could no doubt blow a real OS and a native BIND install onto any sufficiently capable set of four machines in about an hour or so and provided that someone could cough up at least a half-baked zone file from somewhere to load on them they'd all be online and answering to the registered nameserver IP numbers in no time flat. Certainly in less than what's apparently going to be at least 23 hours now!
{Oblinux: there are a few itty-bitty "server" distro's out there that you could probably load up in under 15 minutes. also, the e-smith-style "appliance" distros are also quick to load.}
Heck I know a half dozen or more people around the world who would have put their dislike of M$ away for a short period and loaded a zone file or two on their own nameservers for M$ if only M$ could have managed to get the .COM zone updated with new delegations.... What ever happened in this community to asking the community for help when you're caught between a rock and a hard place? (Not that a company the size of M$ should have to ask for a handout -- they no doubt have significant IP connectivity in as many places around the world as almost anyone else!)
whoa, slow down... microsoft apparently hasn't quite figured out what hit them (and in these later hours there's implications that there is more than one issue happening here). any large company is gonna take some non-trivial amount of time to figure things out so that the report to the upper management (ultimately) will be complete, including not only what happened, who's responsible, etc., but also what steps were taken to keep it from happening again. keeping running notes on all of this just makes it slow. take that resulting time and double it when a company has claimed (and, y'know, perhaps it's true) in the past that they possess clue. and finally, take that second time and triple if it's a public company (where somebody can get sued). i'm not making excuses for microsoft, but more clueful companies have had worse times of it, even in the recent past. give 'em a chance.
MS has nothing and no-one to blame but their own stupidity and arrogance in this. Meanwhile they're so damn big and "important" to so many users that this outage is having both a direct and an indirect negative impact on a lot of ISPs around the world! "Hey! The Internet must be broken if I can't get to M$.COM!"
whoa! whoah!! take it easy... chill... let's kick 'em when and where they deserve it, after all the smoke clears. until then, i think this forum should be supportive of internet-connected networks that are facing big troubles. whatever is happening to microsoft today could happen to someone far dearer tomorrow (or today, of course). we all might learn something useful from this. (and maybe not.)
No, what's needed is for M$ to learn that they need to deploy software that's capable of the task even if it didn't come from a box and doesn't have their logo branded on it. Squishing things together that were never meant to be squished together is only going to cause a big mess. Err, has already caused a big mess, at least for M$ and those who deal with them! ;-)
They'd also do well to learn a bit about network geography and just exactly how authoritative nameserver visibility from various locations on this wonderful Internet of ours can directly affect their bottom line!
try: http://secondary.easydns.com -- Henry Yen Aegis Information Systems, Inc. Senior Systems Programmer Hicksville, New York