nanog mailing list archives

Re: DNS with Akamai

From: Etaoin Shrdlu <shrdlu () deaddrop org>
Date: Fri, 09 Jul 2004 21:42:45 -0700


joe wrote:


Anyone noticing issues with Akamai and their DNS stuff?
Just wondering because I'm seeing strange responses regarding
www.foxnews.com, in that one of the Cnames a20.g.akamai.com
is changing every 20 seconds, and sometimes no response at all.


It's really too soon to tell, but there is certainly something out there
aimed right at the root servers. I saw a post from someone on full
disclosure claiming that there was a 0-day exploit against bind (although
the version wasn't named). There was huge activity for about four hours,
but it leveled off about 20-30 minutes ago. I'm still analyzing earlier
ethereal dumps, and logs, looking for the injection, or other evidence.

Some of this would probably explain any anomalies you see at akamai.

--
...because as an industry we've tried to make security seem easier
than it actually is. We want to make it like driving a car when it's
more like flying an airplane.
             Chris Brenton (at 08:22 -0400 19 Apr 2004 on NANOG)

Current thread:

Re: VeriSign's rapid DNS updates in .com/.net, (continued)
- - Re: VeriSign's rapid DNS updates in .com/.net Deepak Jain (Jul 09)
    - Re: VeriSign's rapid DNS updates in .com/.net Valdis . Kletnieks (Jul 09)
    - Re: VeriSign's rapid DNS updates in .com/.net Christopher L. Morrow (Jul 09)
    - Re: VeriSign's rapid DNS updates in .com/.net Deepak Jain (Jul 09)
    - Re: VeriSign's rapid DNS updates in .com/.net Christopher L. Morrow (Jul 09)
    - Re: VeriSign's rapid DNS updates in .com/.net Deepak Jain (Jul 09)
    - Re: VeriSign's rapid DNS updates in .com/.net Eric Brunner-Williams (Jul 09)
    - Re: VeriSign's rapid DNS updates in .com/.net Valdis . Kletnieks (Jul 09)
  - Re: VeriSign's rapid DNS updates in .com/.net Matt Larson (Jul 09)
    - DNS with Akamai joe (Jul 09)
    - Re: DNS with Akamai Etaoin Shrdlu (Jul 09)
    - Re: DNS with Akamai John Payne (Jul 09)
    - Re: DNS with Akamai Lloyd Taylor (Jul 10)
    - Re: DNS with Akamai Lloyd Taylor (Jul 10)
    - Re: DNS with Akamai joe (Jul 10)
    - Re: DNS with Akamai Charles Sprickman (Jul 10)
- Re: VeriSign's rapid DNS updates in .com/.net Alexei Roudnev (Jul 10)
  - Re: VeriSign's rapid DNS updates in .com/.net David A . Ulevitch (Jul 10)
    - Re: VeriSign's rapid DNS updates in .com/.net Alexei Roudnev (Jul 10)
    - Re: VeriSign's rapid DNS updates in .com/.net Mike Lewinski (Jul 10)
    - Re: VeriSign's rapid DNS updates in .com/.net David A . Ulevitch (Jul 10)

(Thread continues...)