Slashdot Mirror

← Back to Stories (view on slashdot.org)

Network Solutions Hit With DDoS

Posted by Unknown on from the smells-like-teen-cyberterrorism dept.

New submitter Landy DeField was the first of many of write in about Network Solutions' website and DNS outage: "If your website does not load this morning you need to ask yourself do we use Network Solutions? Because all of their servers are all currently down. You can confirm this by visiting this site." The only solid information from Network Solutions is a post on their Facebook page: "Network Solutions is experiencing a Distributed Denial of Service (DDOS) attack that is impacting our customers as well as the Network Solutions site. Our technology team is working to mitigate the situation. Please check back for updates." There have been several reports that the outage is causing hosted DNS to fail, leading to a number of unresolvable websites.

50 of 91 comments (clear)

  1. Do Not Use by Anonymous Coward · · Score: 1

    I do not use Network Solutions DNS service. I use Google's, which is almost always up.

    1. Re:Do Not Use by hawguy · · Score: 5, Funny

      I do not use Network Solutions DNS service. I use Google's, which is almost always up.

      If you're ok with "almost" always up, Network solutions is almost always up too.

    2. Re:Do Not Use by Anonymous Coward · · Score: 1

      I do not use Network Solutions DNS service.

      I do not use any Network Solutions service. They've been pretty shitty in the past and I can't think they'll ever be trustworthy.

      They should check to see if this DDoS is coming from some of their own customers.

    3. Re:Do Not Use by Stunt+Pope · · Score: 2

      Google's public DNS is a resolver service, Netsol's outage affects their authoritative servers.

    4. Re:Do Not Use by davester666 · · Score: 2

      That's because Google doesn't use a VIC-20 to host it.

      --
      Sleep your way to a whiter smile...date a dentist!
  2. Deserved by PiSkyHi · · Score: 4, Informative

    Probably all those cheeky sales strategies like auto-renewal at any price without confirmation. A free email box that turns into a paid one and can only be cancelled with a support ticket. Shit like that certainly annoys me.

    1. Re:Deserved by Ravaldy · · Score: 3, Informative

      You forget the reserving of domains after you check for availability so that you can only purchase it from them.

    2. Re:Deserved by sjames · · Score: 1

      Network solutions has been a festering carbuncle on the ass of the interbnet since before ICANN (ICAN'T) existed.

    3. Re:Deserved by Anonymous Coward · · Score: 1

      Probably all those cheeky sales strategies like auto-renewal at any price without confirmation.

      Worse, each domain you register has a separate credit card record. So when you update your expiration date, you have to remember to update it on ALL of your domains. Or else your domains will expire and cost you an $80 ransom each.

      Bastards.

      So I switched all my domains to Namecheap and am now much happier. Especially now.

    4. Re:Deserved by PRMan · · Score: 1

      Register.com doesn't do this, to my knowledge.

      --
      Peter predicted that you would "deliberately forget" creation 2000 years ago...
    5. Re:Deserved by sound+vision · · Score: 1

      Not all - in fact the sure the majority of them don't do this. Besides Network Solutions, eNom, and a few others, many domain registration sites out there aren't fully-fledged registrars. Even if the only name you see in a WHOIS lookup is the company you directly paid for the registration, there's a good good chance they use another registrar on the back end. Essentially these companies are just resellers. They pay $6 or whatever for the domain, then charge you $12 for it. This means that even if you choose not to register, the domain, if they sneak-register it from under you, that does incur a monetary cost, making it unlikely.

      I work for a domain reseller. Now, GoDaddy and Network Solutions may very well not have to pay anything for registration, so this tactic might be more useable for them. But for the company I work for, this tactic would be a financial loser.

  3. I can confirm by AvitarX · · Score: 2

    that the hosted DNS is down.

    This article popped up as I was recreating a zone because of it, best to be off of their hosted DNS anyway.

    --
    Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
    1. Re:I can confirm by NewWorldDan · · Score: 1

      Yep. Having issues here as well. Not good, but surprisingly I haven't had any calls from angry customers yet.

    2. Re:I can confirm by afidel · · Score: 1

      It doesn't matter who you transfer your zones to, you need two providers if you want to have reliable DNS these days because basically all the big DNS players have had DNS amplification attacks against them at least once in the last year. We switched off AT&T to DNS Made Easy when AT&T suffered a similar attack about 9 months ago but given the frequency of these attacks it's probably just a matter of time until they get hit as well so I'm going to setup secondary zone transfers to a second provider.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    3. Re: I can confirm by AvitarX · · Score: 1

      Ours is on the same server as the website.

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
  4. Everyone is in Luck by cyberpocalypse · · Score: 1

    Everyone is in luck: June 21st, 2013, 07:09 GMT By Eduard Kovacs http://news.softpedia.com/news/LinkedIn-Outage-Caused-by-DDOS-Attack-on-Network-Solutions-362473.shtml --- This means, that on Sunday, you will all find out it was a DoS attack. This also means, on Sunday, if you visit that site you can also get the Powerball results which haven't been posted yet and all retire.

    1. Re:Everyone is in Luck by Phics · · Score: 1

      Sunday? June 21st was a Friday!

      --
      There are two types of people in the world; those who believe there are two types of people, and those who don't.
    2. Re:Everyone is in Luck by NatasRevol · · Score: 1

      Was?!?!

      --
      There are two types of people in the world: Those who crave closure
    3. Re:Everyone is in Luck by sjames · · Score: 1

      You must have bought the discounted 'irregular calendar'.

    4. Re:Everyone is in Luck by The+MAZZTer · · Score: 1

      Yes, we're in July already, try to keep up.

    5. Re:Everyone is in Luck by NatasRevol · · Score: 1

      Wait, this isn't May?

      --
      There are two types of people in the world: Those who crave closure
    6. Re:Everyone is in Luck by NatasRevol · · Score: 2

      To be fair, it is a Dilbert calendar. That I haven't changed in a while.

      --
      There are two types of people in the world: Those who crave closure
    7. Re:Everyone is in Luck by Phics · · Score: 1

      Heh.... looks like not everyone made it out of June... I've had months like that.

      --
      There are two types of people in the world; those who believe there are two types of people, and those who don't.
  5. Slashdotted by Russ1642 · · Score: 2

    Don't post it here. Now they'll be Slashdotted as well.

  6. The Attack Appears To Be Ongoing, But... by NotSanguine · · Score: 2

    DNS name resolution from Network Solutions' DNS servers seems to be functional for 50-60% of requests based on a small sample (resolution of hosts in domains I manage). The Website is back up.

    --
    No, no, you're not thinking; you're just being logical. --Niels Bohr
    1. Re:The Attack Appears To Be Ongoing, But... by xevioso · · Score: 2

      This is actually a real problem for me. Yesterday I changed DNS records for an older client of mine on Network Solutions to point to a nameserver on another hosting environment. It seemed to work pretty quickly on some machines, on others it still showed the old site. Now it has reverted back to the older site on some and on others it is propagating correctly.

      I am not sure what the hell is going on. I can't tell if there is just some propagation issue, or if it is a cache issue, or if the DNS service on their end is just reverting back to an older state and I need to reset the nameserver change. I don't know what to do but wait.

      It's funny because this is the first freelance project I have done literally in 4 years; I was only doing it as a favor for an older client. Been working on the site for months, and on the VERY DAY I changed DNS records this happens. Figures.

    2. Re:The Attack Appears To Be Ongoing, But... by WuphonsReach · · Score: 1

      Public DNS records are something that it's not worth doing in-house any longer. Go with one of the DNS firms that give you multiple SOA servers, located in multiple data centers across the globe. A lot of registrar-based DNS options only offer the basics (no TXT or SRV records), or all of your SOA servers are in the same data center, leaving you vulnerable to a DDoS like this.

      (Personally, we use DNSMadeEasy, but they're not the only game in town. Spending $60/yr to not have to personally maintain DNS servers has been well worth it.)

      --
      Wolde you bothe eate your cake, and have your cake?
  7. It's back up by gravis777 · · Score: 1

    From isitdownrightnow.com

    Last Down: 3 minutes ago

    Networksolutions.com is UP and reachable.
      The website is probably down just for you...

    1. Re:It's back up by gravis777 · · Score: 2

      Also I can pull up networksolutions.com

      It isitdownrightnow.com also says:
      Possible Service Disruption : Our test passed without any errors however 78 users have reported problems in the last few hours. Please check comments section for more details.

  8. Old News by opusbuddy · · Score: 2

    They've gotten hit by 3 Spamhaus blacklists since last fall and this is the second DDOS in around a month. After the last Spamhaus debacle a few weeks ago, there were so many angry posts on their blogs about it that they took the link to their blogs off their account manager page. Calling their customer service sh!++y is an affront to sh!++y customer service. When I called to find out what was going on in the last DDOS, I got an IVR message, "Sorry, we're too busy to take your call" to which I responded by typing www.godaddy.com into my Firefox browser. It loaded great.

    On top of that, they reupped me for 3 years without my request or approval, but I didn't notice until 60 days had past. Already bought a year at GoDaddy and am moving as fast as I can. Hard to download your site when FTP times out all the time. Will file reports with the FTC & BBB once I've gotten off their servers.

    --
    If this were easy, they wouldn't need us to do it!
    1. Re:Old News by Ravaldy · · Score: 1

      What do you expect? Maybe the message used isn't great but every single one of their customers is calling. No company can prepare for that. If you want a company that can answers 100% of calls in a situation like this you'll have to pay a lot more for your hosting solution.

      This could just as well be happening to GoDaddy.com and you would get the same message when calling their number.

    2. Re:Old News by Scutter · · Score: 1

      They need a better message than "You're down. You're f***ed. Call back later." Yeah, I know we're down. That's why I called. They need to provide BETTER information. Put something useful on their blog, FB, Twitter, etc. Instead, every time there's a problem, they close the blinds and lock all the doors while the angry mob gathers outside. That's a hell of a way to run a railroad.

      --

      "Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
    3. Re:Old News by Em+Adespoton · · Score: 1

      You're moving from NetSol to GoDaddy?

      That might have made sense, say, in 2003, when NetSol started going to the birds.

      http://www.forbes.com/sites/kellyclay/2012/09/10/5-reasons-you-should-leave-godaddy-and-how/

      GoDaddy has been on my blacklist along with NetSol since SOPA.

      Best two services I've seen that are ethical, long-lasting and reasonably priced are NameCheap and Gandi. Gandi also has the benefit that it's not in the US, and so unless you're using it for something that's illegal in France, you're unlikely to get your domain yanked out from under you (and you'll get warning if it's going to happen).

    4. Re:Old News by pnutjam · · Score: 1

      If you are still using Network Solutions, you have only yourself to blame...

      I noticed a site I was using showed up with an invalid certificate. It seemed to match the domain and had not expired. It was issues by Network Solutions. I'm sure this is related.

      --
      Cheap storage VM.
  9. Data point by Empiric · · Score: 2

    There have been several reports that the outage is causing hosted DNS to fail, leading to a number of unresolvable websites.

    Confirmed here. DNS resolution was down for about an hour this morning for our domains registered with Network Solutions, no problems with domains registered elsewhere.

    --
    ~ Whence do you come, slayer of men, or where are you going, conqueror of space?
    1. Re:Data point by NotSanguine · · Score: 1

      There have been several reports that the outage is causing hosted DNS to fail, leading to a number of unresolvable websites. Confirmed here. DNS resolution was down for about an hour this morning for our domains registered with Network Solutions, no problems with domains registered elsewhere.

      As I mentioned above, DNS resolution is *still* spotty for my domains.

      --
      No, no, you're not thinking; you're just being logical. --Niels Bohr
    2. Re:Data point by RatBastard · · Score: 1

      My domain is completely fubar and has been for two days. Luckily it's just an old-fashioned vanity web page, so it's not a big deal.

      --
      Boobies never hurt anyone. - Sherry Glaser.
    3. Re:Data point by RatBastard · · Score: 1

      Cancel that. It just started working again sometime in the last twenty minutes.

      --
      Boobies never hurt anyone. - Sherry Glaser.
  10. Is it a.... DNS amplification attack? by Anonymous Coward · · Score: 1

    The irony all these fools running around warning us of dire consequences of having an open DNS servers while concurrently pushing DNSSEC.

    In the last two decades the only progress of any kind made to fix these problems is sale of brute force mitigation services to those who can afford it.

    Nobody is interested in fixing broken UDP protocols:
    http://tools.ietf.org/html/draft-eastlake-dnsext-cookies-03

    Nor are they interested in applying necessary anti-spoofing filters:
    http://en.wikipedia.org/wiki/Ingress_filtering

    Mitigation is apparently more profitable than spending money to fix what is broke.

  11. slashdot ddos by Anonymous Coward · · Score: 1

    Actually, it was probably just the slashdot post reporting the problem that caused it.

  12. wires to buzz by Anonymous Coward · · Score: 1

    This is a dns reflection/amplification attack. Its affecting most if not all hosting companies, and is limited to boxes with a known vulnerability in Bind. Why do so many people think this is only hitting netsol? Also, its been occurring for more than a week now and thoroughly documented. #GoodAdminsReadAdvisories

  13. That was not a DDOS attack by houghi · · Score: 2

    They were trying to repair it.

    --
    Don't fight for your country, if your country does not fight for you.
  14. We who? by wonkey_monkey · · Score: 1

    If your website does not load this morning you need to ask yourself do we use Network Solutions?

    Wait, is that we meaning you, or we meaning me? I know you means me, because it's me you're talking to. I'm just not sure who we is. Are.

    --
    systemd is Roko's Basilisk.
  15. Re:related to incident from few wks ago? by Z00L00K · · Score: 1

    Seems to me from the comments over at "isdownrightnow" that this isn't the only outage they have had this year.

    One outage is bad for a service like that, repeated outages is killing that kind of business that has to be based on being reliable in all weathers.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  16. I think that was the corporate We by Marrow · · Score: 1

    As opposed to the royal We. You understand now, Oui?

  17. Angry Users On Facebook by JeanInMontana · · Score: 1

    ooooh the comments on Facebook are giving them hell. I have to agree, the latest news comes from Facebook? tsk tsk not how to treat your customers.

    --
    *Think globally~Dream universally*
  18. Prefer to host my own servers by SCHecklerX · · Score: 1

    Netsol makes it difficult to add your own DNS records for your domain. So, I never pursued it. Regretting that now.

  19. So mean! by sootman · · Score: 2

    "... all of their servers are all currently down. You can confirm this by visiting [link]."

    Very funny, guys. Kick'em while they're down.

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  20. What about yesterday's incident? by X0fl1b · · Score: 1

    Our club's website is hosted by NetSol and our homepage was defaced yesterday. After 30+ minutes in the hold queue, I figured it was an issue on their side. Sure enough, the customer rep told me a bunch of their hosting servers suffered an intrusion and thousands of customers were similarly affected.

  21. Don't use your registrar's DNS by jtara · · Score: 1

    I never use my registrar's DNS, even though I like my registrar (Moniker) a lot.

    Nor would I ever use a web hosting company's DNS.

    It's safest to use third-party DNS.

    Risks of single-sourcing registrar, DNS, and hosting:

    - host/registrar goes out of business, or suffers a disaster. You now have no ability to switch to a different host until the situation is resolved through IANA and somebody else gets control of the registry records. If you use third-party DNS, while you now can't change to a different DNS provider (assuming registrar failure) you can still add new hosts to your DNS and can still move between hosts. You can survive a failure of any two of the three services and change providers.

    - you have a dispute of some sort with your host (assuming single-sourcing with host). They now can hold your domain hostage for payment.

    Keeping DNS/registrar/hosting all separate maximizes versatility and makes you more able to squirm out of unpleansant and unexpected situations.