On 01/29/2010 08:30 PM, Robert D. Scott wrote:

Looks like an internal problem to BoA. The redirect works, and I get an immediate reply. The https redirect page appears boinked. Even with a -k curl took over 30 seconds to get the page, and the browser would have timed out.

Hi, Just noticed this article, maybe BoA is also a target ?: CIA, PayPal under bizarre SSL assault The "massive" flood of requests is made over the websites' SSL, or secure-sockets layer, port, causing them to consume more resources than normal connections, according to researchers at Shadowserver Foundation, a volunteer security collective. The torrent started about a week ago and appears to be caused by recent changes made to a botnet known as Pushdo <http://www.theregister.co.uk/2008/02/29/botnet_spam_deluge/>. http://www.theregister.co.uk/2010/01/29/strange_ssl_web_attack/ http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20100129 Maybe that has something to do with this ? Hope you have a nice weekend.

robert@Robert ~ $ curl -i -G www.bankofamerica.com HTTP/1.1 301 Moved Permanently Server: Sun-ONE-Web-Server/6.1 Date: Fri, 29 Jan 2010 19:25:08 GMT Content-length: 122 Content-type: text/html Location: https://www.bankofamerica.com/index.jsp Connection: close

<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD> <BODY><H1>Moved Permanently</H1> An error has occurred. </BODY></HTML> robert@Robert ~ $ curl -i -G www.bankofamerica.com HTTP/1.1 301 Moved Permanently Server: Sun-ONE-Web-Server/6.1 Date: Fri, 29 Jan 2010 19:25:28 GMT Content-length: 122 Content-type: text/html Location: https://www.bankofamerica.com/index.jsp Connection: close

<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD> <BODY><H1>Moved Permanently</H1> An error has occurred. </BODY></HTML> robert@Robert ~ $ curl -i -G https://www.bankofamerica.com/index.jsp curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

robert@Robert ~ $ curl -k -i -G https://www.bankofamerica.com/index.jsp

Robert D. Scott Robert@ufl.edu Senior Network Engineer 352-273-0113 Phone CNS - Network Services 352-392-2061 CNS Phone Tree University of Florida 352-392-9440 FAX Florida Lambda Rail 352-294-3571 FLR NOC Gainesville, FL 32611 321-663-0421 Cell

-----Original Message----- From: John Palmer (NANOG Acct) [mailto:nanog2@adns.net] Sent: Friday, January 29, 2010 2:22 PM To: NANOG list Subject: Level 3 DC issues?

Anyone see any connectivity issues with Level-3 in the DC area? This issue is causing big latency problems that appeared to have taken out Bank of America's website.