[Outages-discussion] [outages] Google 8.8.8.8 Resolution of Route53 domains

outages virendra.rode at outages.org
Wed Apr 25 20:16:49 EDT 2018


On Wed, 2018-04-25 at 15:03 -0400, Charles Sprickman wrote:
> Moving to -discuss… (a second time, sent to outages-discuss@)
> 
> 
> > On Apr 25, 2018, at 10:35 AM, Zach Hanna via Outages <outages at outages.org>
> > wrote:
> > That would require 1) the wallet company understanding the technical details
> > of the outage (a stretch), and 2) understanding that it is preventable, and
> > 3) how and by whom. 
> 
> I think the wallet company understands, and I think they probably felt pretty
> safe using one of the world’s largest DNS providers for their service.  If
> they thought about this they probably figured “who could hijack Amazon?” and
> “Google is clever, 8.8.8.8 probably can’t be fooled”.
> 
> Although I guess they didn’t think about DNSSEC, so maybe I’m all wrong. :)
> 
>    Domain Name: MYETHERWALLET.COM
>    Name Server: NS-1007.AWSDNS-61.NET
>    Name Server: NS-1498.AWSDNS-59.ORG
>    Name Server: NS-1993.AWSDNS-57.CO.UK
>    Name Server: NS-73.AWSDNS-09.COM
>    DNSSEC: unsigned
> 
> One of my clients is a customer of HE, and I’m wondering if they will have
> anything to say about this. I only do very small-fry stuff with BGP, but even
> I know that if I provide a customer the ability to speak BGP to me, I have to
> be paranoid and only let them announce an agreed-upon list of networks.
> 
> Anyone have any articles that look more at the two providers involved here,
> preferably with some statements from HE or eNet?
> 
> Charles
--------
Not to be philosophical but the big part of this is Network itself is the enemy.
An old slogan from dutch hacker community comes to mind, someone you trust is one of us and the leak is higher up in the chain of command that you ;-)

-- 
regards,
/vrode



On Wed, Apr 25, 2018 at 12:04 AM Gert Doering via Outages <outages at outages.org> wrote:
Hi,


On Tue, Apr 24, 2018 at 07:47:36PM -0400, J Kibler via Outages wrote:

> Here is a more detailed analysis of what happened:

> https://arstechnica.com/information-technology/2018/04/suspicious-event-hijacks-amazon-traffic-for-2-hours-steals-cryptocurrency/


Maybe that is actually good news.


Financial damages have been done, by a US company, to a US company, due

to neglicience in BGP filtering.  This is going to be an expensive lawsuit,

and hopefully people will start proper BGP filtering afterwards...


gert

-- 

"If was one thing all people took for granted, was conviction that if you 

 feed honest figures into a computer, honest figures come out. Never doubted 

 it myself till I met a computer with a sense of humor."

                             Robert A. Heinlein, The Moon is a Harsh Mistress


Gert Doering - Munich, Germany                             gert at greenie.muc.de

_______________________________________________

Outages mailing list
Outages at outages.org
https://puck.nether.net/mailman/listinfo/outages


_______________________________________________
Outages mailing list
Outages at outages.org
https://puck.nether.net/mailman/listinfo/outages




-- 
Charles Sprickman
NetEng/SysAdmin
Bway.net - New York's Best Internet www.bway.net
spork at bway.net - 212.982.9800





> _______________________________________________
> Outages-discussion mailing list
> Outages-discussion at outages.org
> https://puck.nether.net/mailman/listinfo/outages-discussion
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages-discussion/attachments/20180425/c98eb050/attachment-0001.html>


More information about the Outages-discussion mailing list