Slashdot Mirror
Microsoft Takes Down No-IP.com Domains
An anonymous reader writes For some reason that escapes me, a Judge has granted Microsoft permission to hijack NoIP's DNS. This is necessary according to Microsoft to thwart a "global cybercrime epidemic" being perpetrated by infected machines running Microsoft software.
No-IP is a provider of dynamic DNS services (among other things). Many legitimate users were affected by the takedown: "This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives. ... We have been in contact with Microsoft today. They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening."
Does not seem legal.
This is their business the court decided to hand over to Microsoft. Lawsuits should be flying in all directions.
The best money could buy.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
If a judge granted permission, I have feeling that a domain name service provider may have been guilty of alerting their customers to legal intentions. Which gives credence to locking it down before a new sub-domain is created to deliver the same traffic. While I don't side based on a brief, I don't make adverse statements. I can only surmise.
And it's microsoft.com, the creator and perpetrator of Internet Explorer and Windows, the two biggest malwares ever invented. They should be shutdown immediately. Thanks.
So after decades of the community putting Microsoft on notice that HotMail is abused by spammers, can I sieze the domain name?
In other news Microsoft has come out in support of preserving a free and open web
.
Now it appears that Microsoft is using their reputation for producing security-challenged software to badger companies for PR purposes. The headlines will all read, ~Microsoft takes down a company that is a security threat~. And Microsoft will look good in the headline.
But what has Microsoft really accomplished? Will Microsoft's reputation for software with abysmal security be changed? Or will a small company be crushed because a huge company is trying to look good?
What is the legal precedent for taking ownership of a company's assets (without apparently even informing them beforehand) and randomly giving them to some other company to use? How is that even a legal possibility?
Troll is not a replacement for I disagree.
While I fully blame Microsoft for creating this mess, I'm somewhat dismayed that as a customer I'm finding out that my service is down from a news outlet rather than from noip themselves! I've been using their sub domain wildcard service for 7-8 years now and have just now found out that it's down. I'm none too happy about being thrown out with the bathwater!
Evil is as eval("does");
I'd better write down the remote IP for my VPN connection before the session closes.
I really can't see why this wouldn't be possible using the exact same logic that MS uses.
I don't serve anything important... but I usually post images through my local server and upload to imgur "through the web" - it took several retries when I tried to do this a short while ago, and now I know why.
Thanks, Microsoft.... you can't just take over no-ip and then run it through crap servers that can't handle the loads.
I've looked a bit but never really found a package to do this, although it's been a few years. I've got a BSD box, a static IP and some domain names. How would I set it up so that other hosts could use this in a dynamic way to set forward DNS records if they were on an ISP's ever changing DHCP addresses?
In other words, how can I roll my own no-ip.com system without being a Vixie level hacker?
-- I have a private email server in my basement.
i wonder if the same court would let you take update.microsoft.com and redirct it to ftp.debian.org using this reasoning
---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
Using blockchain technology for decentralized consensus. Let's take the power from the corrupt and place it back with the people.
We should change the definition of Legal to "Backed by much money".
So *that's* why my DDNS suddenly went dark today, with no apparent explanation.
Port 80 forwarding to the right LAN IP. Server daemons are running. I can access all the services directly by WAN IP (not very useful). Updater client running just fine. No firewall configs in the way. No-IP reports the correct IP. No news posting on No-IP's website about any sort of outage or technical issues.
Well, I was lost -- that was everything. ... and that was all because of this horseshit? Guess what... I'm not even *in* the US, so now the US courts think they have jurisdiction over countries? (OK, that's not new)
Fuck all involved. Hope they get their asses sued to hell. And this judge canned for such a dumbass decision.
Bullshit.
April 2013: http://labs.opendns.com/2013/0...
Sept 2013: No-IP is a preferred choice for other similar attacks for command and control infrastructure: http://threatpost.com/njw0rm-a...
Feb 2014: Even Cisco said their domains were being abusive and they posted to complain that Cisco didn't contact them. http://www.noip.com/blog/2014/...
Looks to me like they should have contacted Microsoft and asked them for help. I guess they waited too long.
So my email and VOIP system has been subject to an attack by Microsoft (as they rely on *paid for* no-ip domains.).
Can we have microsoft.com domains taken down, as they are clearly causing a huge amount of damage to the fabric of the Internet.
What a bunch of w******s
So, Microsoft's argument was that they needed to hijack thousands of computers, secretly redirect them and put people in financial strain... so that someone else couldn't hijack thousands of computers, secretly redirect them and put people in financial strain?
Great plan, fuckwits!
If it wasn't for the all the holes in WIndows then there's would't be as many people trying to distribute malware. MS themselves are the first in line as the root cause.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Well, fuck. No-IP going down? A million basement virgins lose access to their favorite minecraft server, and nothing of value was lost.
But, dammit MS, you proved APK right about something. That karmic burden is on you guys now. That bell can't be un-rung. You've got to carry that forever now.
Socialism: a lie told by totalitarians and believed by fools.
USA and Microsoft the self-appointed police of the world strikes again... Two comments. If it indeed no-ip has virus problems, it would be FBI, CIA or NSA, or whatever national agency and not the fuckwits from Microsoft. Second point, if we are talking about malware distribution points, are we disabling hotmail.com and microsoft.com too?
It's not about a real domain, it's about dynamic IP.
I have a "real" domain but I am still using no-ip.org to connect to some VPNs on ADSL with dynamic IP addresses.
I'm sure there's some ISP out there that ridiculous, but I've never seen one that would change your IP unless you rebooted your Cable/DSL modem (or they had some sort of outage to the same effect) - how would they even know you rebooted your server? There was a time when many people reached the Pirate Bay by hitting a forum for this week's IP address. There was a time when most gamers reached their server by checking a forum/BBS for the server's current IP.
But, hey, if the only ISP with service to Mom's basement is that evil, I understand, this must really suck for you! Just remember to be careful if you get so bored that you wander out into the Blue Room - remember, the Day Star will burn unprotected skin!
Socialism: a lie told by totalitarians and believed by fools.
So articulate!
Can you provide a 35 page thesis on this by Friday?
Chas - The one, the only.
THANK GOD!!!
A quick skim of the motion for the court order gave me the "boilerplate" and "cut & paste" feeling. There is a lot of sloppy line blurring between actions and complaints directed at the Malware authors and the no-ip folks. Sometimes they refer to the "Malware Defendants" and other times the generic "Defendants" when they meant the former. Really sloppy legal work.
There are some real gems in there:
From section 7:
"There is good cause to believe that immediate and irreparable damage to this Court’s ability to grant effective final relief will result from the sale, transfer, or other disposition or concealment by Defendants of the Internet domains at issue"
Say what? How is that related anything? Its not like the TRO will actually prevent people from being able to hit 'delete' via the control panel. Given that everything's busted by their own doing, the bad guys got a huge head start.
From section 8: ..." ...
"... and the interest of justice require that this Order be Granted without prior notice to Defendants
Wow
The full motion text: http://www.noticeoflawsuit.com...
It seems to me that regardless of what good intentions that Microsoft may have had, they've really fouled up the execution. They'll be remembered more for taking out millions of legitimate users than the malware they *might* be able to take down.
Well as Google runs their own public dns servers and is branching out in the being a registrar that could be very hard to enforce as Google could just say we are our own registrar additionally Microsoft would find them selves on the loosing end of the biggest lawsuit and damages claims you have ever seen if they tried that. It is one thing to pick on a small company it another to take on a massively powerful well financed very much more popular equal.
---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
I suggest all scammers, spammers and malware coders immediately move to azure. My developer friend tell me .NET is the shit :)
Comment removed based on user account deletion
Comment removed based on user account deletion
Windows is an easy target for cybercriminals
So... How come they shut down no-ip instead of Windows sales?
So MS has a 'Digital Crimes Unit' and the US courts allow it to carry out law enforcement duties. How long before they have their own policemen, courts and prisons? It goes together with the Microsoft tax I suppose.
The motion is here: http://www.noticeoflawsuit.com...
Wrong again. But if you keep posting it, maybe 1 or 2 people will take your word for it instead of reading what that actually is.
http://en.wikipedia.org/wiki/K...
So when Microsoft hijacked the DNS, the IP addresses of No-IP services should still be running, no?
Does anyone have a list of their (old) IPs?
Microsoft's anti-malware crusade knackers '4 MILLION' No-IP Users
http://www.theregister.co.uk/2...
My router's auto-dynamic IP setup still has my "no-ip.biz" alias as current, I just refreshed it and got a renew, I barely remembered I used this service until I read this. I'm not going to keep using it until I know WTF.
well, I'm pretty sure the judge didn't ask no-ip.
and MS portrayed it to the judge in the way that they must do it in haste, no time to waste.
so two things, MS mislead the judge and the judge didn't give a shit about ASKING THE FUCKING COMPANY WHO OWNS the DOMAINS. there's of course the trouble that hey, the fucking system allows that you can do that with a court order. now MS could have done this with any domain they chose.
world was created 5 seconds before this post as it is.
BT in the UK.
My IP address changes every week or so, and I'm not rebooting my modem.
Sigs are so 1990s. No way would I be seen dead with one.
If this was one of their "we're taking over domains to kill a botnet" plans, that explains why no-ip was not informed. If word got out. how many seconds does it take for the botnet controllers to update the host names?
I still think it's shit though. Can't access my home VPN.
Security cameras is another common usage. A low cost installation has some IP cameras on a residential dynamic IP internet service, so you use no-ip for access. I can't access my vacation house feeds today. For all I know there might be gnomes partying around the premises right now. Thanks MS.
Violence is the last refuge of the incompetent. Polar Scope Align for iOS
The coincidence is that DynDns stopped offering free service a while ago. Maybe Microsoft made them an offer they couldn't refuse...
I think CoolVibe means "get a real VPS with a static IP and real DNS".
Hit them where it hurts and boycott Microsoft products. There are not many enterprises that can have the luxury of hurting millions of clients.
Perhaps Microsoft should be enjoined from distributing a OS that is responsible for most the the malware and spam that everyone's firewalls and filters are defending against.
Surely it's the creators of malware and spam that are primarily responsible?
[grudge mode]I will be sure to claim damages for this, as I am using no-ip for my own server which is perfectly valid and runs no Microsoft software whatsoever (nor will it ever). What judge is so stupid as to do this ???[/grudge mode].
Did not hear anything from No-ip though ; when I logged in yesterday to find out what was wrong, and why my domain was not resolving, there was no information whatsoever.
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
Why don't you fix it?
I got the MS Notification on the activity at work.
There were 200 different items of malware being served across 22,037 separate malicious domains. If there are 4 million customers, and 1:1 customers to domains, that is about 180 innocent domains for every one malicious one.
I'm all in favor of shutting down botnets and i can see the results (for a while) in spam volumes hitting us when actions like this are taken, but this much collateral damage seems likely to hinder future efforts.
--- Mercutio was right.
1. Extinguish
The grandfathered in existing customers. I paid them like $90 in the 90's and still use their free services (in addition to the services I paid for only once)
I made quite a few "real domain" cnames to my dyndns.org and was doing web hosting from a dialup. My stuff still works for the moment :)
Microsoft does not think so - they went after no-ip after all.
emanate domain, sometimes also called condemnation - is what government uses to do the same thing and almost always now to give to another company "for the greater good". Ever been forced to allow an easement, usually for some cabling or piping company to make a profit through your land? We've had land taken around here for a city owned bike trail and at least one of the property owners was not contacted before they took his land and built the trail without his knowledge - condemnation later took care of that problem when he didn't want to sell them what they already took.
another victim of bad spell check selection. the US education system and auto correct have failed me again :( I blame Microsoft.
There are ways to do VPNs from dynamic endpoints that don't require dynamic DNS. IPSec supports xauth for just this purpose.
As GP clearly stated: what it replaced wasn't broken. It's change for the sake of change which is rarely good.
This is like nuking Nigeria to stop Nigerian scams.
IAAL (but this isn't legal advice). I noticed that it was an ex parte hearing, which is why this whole mess occurred. They're useful for preventing domestic violence, but ripe for abuse in all contexts. NO-IP should be moving for an emergency hearing and the whole issue should be resolved within hours. Beyond that, NO-IP should follow-up with a suit for damages (I suspect MS will pull the we-got-a-court-order card and NO-IP gets to respond back with you lied to the court. It all goes nowhere and they settle).
The more interesting aspect is the disrupted users. While MS moved against NO-IP ex parte, they apparently made assertions that they would keep the service functioning properly. They've failed there and suits are now possible for those failures. More interestingly, however, is whether MS was recording, manipulating, or in any other way playing with the traffic. If so, there are some excellent wiretap statutes waiting to be had.
I, sadly, didn't have an NO-IP account, but if I did, I'd be heading to the court house this afternoon. This is what happens when you skip due process, let a to-big-to-fail corporation do whatever it wants to private corporations through the guise of the courts. Corruption at it's finest. MS should be bludgeoned thoroughly enough to at least think twice before attempting it again.
As someone who is also affected by this sudden outage, I have to agree with you. Noip was the last free service that my home router supports. Thanks to Microsoft, I can now log into my computer, curl the external url, note it down, and adjust my remote access scripts every day.
I cannot believe that this is apparently legal. In my book this proves beyond any doubt that the US legal system is totally fucked up and that we need international treaties to protect non-US users and customers from this system. This is also the first time I am seriously considering taking a lawyer and press charges against Microsoft and/or the court responsible for this. It is probably not going to happen, though -- much too expensive and not many chances of success.
Is there anything else that can be done about this?
Hmm... Microsoft behaving like a spastic bull in a china shop? Who would've thought it was possible...
All well and good that they're trying to fight the good fight against malware; but taking out millions of legitimate users as collateral damage is simply unacceptable. Somebody really botched this operation. I hope there's some sort of accountability (but I'm not going to hold my breath).
I see no practical way to close the "users are willing to install software that turns out to be malware" hole without either A. banning free software or B. actually following the money to find the parties who benefit from the use of malware. Apple's iDivision and the major game console makers choose option A, but I don't think it'll scale to computers used for actual work
No-IP has nameservers that they block for outside domains.
I think that, at least until this nonsense is over, they should open up access to everyone for resolving no-ip domains. That way at least the nerds could access their machines - using
nslookup <your-domain> <no-ip's dns>
(this works both on Linux and on Windows!)
I'm sorry, I couldn't understand you over the WOOOSSSSHHHHH.
Go on, citizen, stamp the vote card. R or D, your choice.
If No-IP was actively helping the malware guys then giving them notice would mean all the bot-nets would have been re-hosted instead of getting cut off from their control servers like they are now. Microsoft is getting a name for actively hunting down bot-net networks and shutting them down. It actually makes a (small) dent in all the harm they caused by not securing Windows in the first place. They could make a huge dent in that harm by swapping Free-BSD for the OS that lurks under Windows, but I'm not hopeful.
My game got released on Kongregate on June 30th, 2014, and less than a day later, NOIP got hijacked by Microsoft.com. I knew the environment is bad for the little guy, but I didn't expect Microsoft to hose my game within a day of release.
God spoke to me
Have you heard of CNAME records? You still need a hostname for your dynamic IP.
Like many slashdotters, I have an old box under my desk which grabs mail from several external accounts via pop and serves it up via imap. No smtp though. And having home DSL with no static IP, I use No-IP to provide a stable domain for that machine. So this morning I wake up and discover that the domain has disappeared and my mail client can't connect. And I'm out of town, so have no physical access to the box, which is still happily grabbing my mail from external accounts.. Fortunately the no-ip website is still displaying the dynamic ip address the domain was last pointing at, and my ISP hasn't changed it (and probably won't until I next reboot) so I've been able to log in just using the ip address, but now I need to waste a morning switching it to another domain. Seriously, wtf microsoft!
This is more like shutting down all email to stop Nigerian scams.
It is not the modem, but the equipment/router connected to your modem, unless your cable modem is a combo of cable modem/wifi router.
I entirely disagree that Kelo is not applicable. This is what O'Connor wrote in her dissent.
"Any property may now be taken for the benefit of another private party, but the fallout from this decision will not be random. The beneficiaries are likely to be those citizens with disproportionate influence and power in the political process, including large corporations and development firms."
> The court should consider the validity of the arguments against them and the facts of the case.
I've won two default judgements and that's precisely what happens. Of course, judges are not investigators. They consider the facts _as_presented_by_the_parties_. If one party doesn't show up, the judge doesn't hear their side of the story. The party who does show up still has to make a "prima facie" case, meaning that they briefly explain why they should win. The judge then considers the facts they present and their arguments and makes a decision. It's not too unusual the only party who shows up doesn't get EVERYTHING they want. They'll probably "win", meaning get most of what they want, though not always.
In one of my two cases, I showed the judge that what I was asking for was completely fair to the other party, that they would probably agree to it (which in fact they had, but we needed the court to make it official). The judge was interested in seeing that it was fair - he wasn't going to give me a default judgement that was clearly unfair to the party who didn't show up.
The losing party who didn't show up can then appeal. I had that happen with an insurance company. Their insured hit my car and it was his fault. When they didn't answer phone calls or letters, I sued. They didn't show up, allowing me to get a default judgement. I guess they were hoping I wouldn't show up either, because the very next day they filed an appeal - meaning they WERE paying close attention to the case. It's entirely possible they even had someone in the courtroom to see me win the default judgement, choosing to see if I would blow my own case in the default hearing before they paid their attorney to show up.
Just setup a CloudFlare account and host your dns through them for free. Then use their api on your server whenever your ip changes.
An example of using the API is as follows... taken from https://www.cloudflare.com/doc...
curl https://www.cloudflare.com/api... \
-d 'a=rec_edit' \
-d 'tkn=8afbe6dea02407989af4dd4c97bb6e25' \
-d 'id=9001' \
-d 'email=sample@example.com' \
-d 'z=example.com' \
-d 'type=A' \
-d 'name=sub' \
-d 'content=1.2.3.4' \
-d 'service_mode=1' \
-d 'ttl=1'
When you install Malware on my machine, you have two choices, you can give it an IP to contact, or you can give it a DNS name.
If you give it a static IP address, it's easy for the good guys to contact your provider and squash you.
If you give it a DNS address on a provider that doesn't do fuck all about malware hosts using it, then you can survive the whack-a-mole game for a long time.
A dissent does not set precedent, and I fully agree with her dissent.
That said, it *still* does not apply to an ex parte TRO. What MS did has been done for a long time in many jurisdictions. This may be the biggest profile questionable application of the ex parte TRO, but it's not the first or last of its kind, and it's in no way relevant to an eminent domain ruling.
You can't just mess with people's stuff like this, or potentially destroy a business. Fucking unbelievable that microsoft got a judge to permit this.
SURELY NOT!!!!!
No Intellectual Property?
I have no problem with your religion until you decide it's reason to deprive others of the truth.
After calling Microsoft technical support many times today, it is obvious they had no clue how many legitimate users No-IP has. They were completely unprepared for the calls to restore service and they were given no information about No-IP. Many times I was referred to their legal and corporate affairs office (425-706-7863). They don't know anything either. Eventually I was transfered to some Azure department where I was told they would offer to sell me a replacement service.
. Quit playing Monopoly with Bill. Switch to one of many non-Microsoft products today.
Our company has found evidence there are people driving cars while under the influence of alcohol in and out of the city, every single day. In order to safeguard our customers who frequently travel the city streets, we move to block all roads accessing the city.
Come on Microsoft ... if you want to be the hip guy who are just as cool as Apple and Google, you need to stop doing this kind of stuff. If you want to steam ahead as you are currently going, with draconian initiatives with questionable legal base that mess up the infrastructure of mostly tech savvy users (you know, the people who give advice to others what they should buy) who will tell their friends exactly what they believe people should expect from your company, then here is a free suggestion for a new company slogan, "Microsoft - because we can".
I don't know where you went to school, but you should ask for a refund. Or read up on basic percentage calculations.
Microsoft claims that 93% of the malware traffic is traced to No-IP. But that says nothing about the total amount of traffic for No-IP, nor does it say anything about the total volume of legitimate domains. Malware traffic could be as little as 1% on No-IP's infrastructure while still accounting for 93% of malware DDNS traffic.
It is completely wrong to state that 93% of No-IP domains are hosting malware. A large number of legitimate customers are being affected by this, and Microsoft is not resolving their DDNS domains correctly (as promised). The actual percentage of legitimate vs malicious domains is unknown, as is the distribution of legit/malicious traffic.
Also, Microsofts claims are disputed by No-IP, so we should not take them at face value. No real evidence of malice has been proven (yet), which makes it extremely questionable that this was conducted ex parte.
Finally, the fact that No-IP was a favorite for malware is not (or should not be) in itself sufficient to take control of the domains like this. I sincerely hope Microsoft can prove No-IP did not respond properly to requests. Or that they can document that an extremely large portion of total traffic on No-IP was malware (which we know nothing about at this point).
Simply quoting the 93% number is a pile of BS. I can't stand by itself. I can say with certainty that at least 93% of the Nigerian scam mail I have received the last year has used a hotmail.com or outlook.com account. But surely this does not prove that Microsoft is willingly aiding Nigerian scammers and that their domains should be seized?
My security clearance is so high I have to kill myself if I remember I have it...
The applicability is in the logic behind the majority ruling, which is spelled out in the dissent. This situation is very much akin to what O'Conner was worried about given that the ruling allows forany property to be seized from one private entity in order to benefit another private entity.
Judge Jackson, where are you when we need you most?
I wonder if the folks at Dropbox are worried about the same fate after all of the Cryptowall malware hosted by their service.
Again, no. That is not what this ruling allows.
It's far more narrow than that.
The ruling allows a government to take private property with just compensation for the benefit of another private party where that private party's good coincides with the public good.
This was an ex parte temporary restraining order. An order where a single party asks for relief from the judiciary under extreme circumstances temporarily without the other party having to be present.
I fully understand the similarities you are trying to point out, but they still *do not apply*.
Anyone who has been in an unfortunate business partnership has probably seen their private property temporarily controlled by another party under the order of an ex parte TRO, or at least an attempt at it. A common use is to seize assets before someone can wipe your data off of them.
Basically, any injunction that a judge has the power to grant on a retraining order can be done ex parte, where law allows.
Those aren't the domains Microsoft seized. APK merely listed No-IPs ccTLDs, which is wrong. Microsoft seized all the domains associated with all the No-IP subdomains listed in http://www.noticeoflawsuit.com... - all the documentation can be read at http://www.noticeoflawsuit.com....
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
From the article:
> This is the third malware disruption by Microsoft since the November unveiling of the Microsoft Cybercrime Center
> —a center of excellence for advancing the global fight against cybercrime.
How clueless do you have to be to reach that level of excellence in Microsoft?
I mean, where do you live if you don't know that no-ip has a huge customer base and that tampering with their DNS just might be a difficult thing to do? You have no place in IT if you don't know this.
Why? AWS hosts far more malicious stuff than Azure does (probably because AWS has a free tier, and Azure does not).
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Then use one of the unaffected paid-customer-only domains. Sorted.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Yes there would be viruses, malware, and a multi-billion dollar a year AV industry, because the criminals would actually be writing malware for OS X and Linux.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
All parties involved -- Microsoft, NoIP, and NoIPs registrar -- are in the US. What court would you expect to have jurisdiction? The problem is that the court went batshit crazy in issuing this order, not that it was in the US.
Well, no. Since what they claimed is that they only SEEK to block traffic to the malicious domains. For example by blocking the bad ones and recursing the other ones. Now, they failed to do that, but it wasn't intentional. You certainly wouldn't be able to claim bad faith.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Well, fuck. No-IP going down? A million basement virgins lose access to their favorite minecraft server, and nothing of value was lost.
Actually, I've got over a dozen businesses running No-IP using them to create VPN's across dynamic IP addresses. This has created QUITE a bit of financial loss and headaches for a large number of businesses that utilize this.
Hi:
This is what I have done for my dynamicIP issue:
Register a subdomain with Allowed.org or Moo.com or afraid.com
e.g. myhome.allowed.org
Next goto your real domain registrar or edit your own DNS server and create a CNAME for a subdomain that points to what you registered.
e.g. myhome.mydomain.com -> myhome.allowed.org
Just be aware that it has no rDNS.
Next, create a script that updates your IP whenever you notice it changes using this script:
wget http://freedns.afraid.org/scri...
So, for my purposes: I heavily restrict ssh on my C5 servers to specific domains/IPs using shorewall.
Whenever my IP would change i risked getting locked out and had to resort to a jump host.
Now, instead I have a shorewall param that sets some var to myhome.allowed.org and a rule that permits ssh using that var.
Then just run a cronjob to update the IPaddress on a regular basis.
Hope this helps.
resist propaganda
People said years ago they wanted their governments run like businesses. Well. Here you are. And they've done you a level better: government isn't run like a business; it's run by a business.
Shades of BeOS. Or "Internet Explorer is an operating system".. or manufacturers that offer multiple boot are blocked from OEM Windows.. or Aaah "Doesn't the "crunch" of bones being broken by that steamroller sound so goood"..
Thanks, I'll look into it, I have to see if I can do this on a dd-wrt router.
Just checked now, dd-wrt knows about freedns.afraid.org and also it seems that my no-ip.org domains work again.
Hey fuckwit, I didn't say anything about your fucking hosts files. I said your list was wrong because it included a bunch of domains which aren't seized, which is correct.
There's a reason people resort to profanity when dealing with you: because you're a contemptible trolling cunt who needs to fuck off and stop acting like a 5 year old. If you actually read my comment history, you'd see that on occasion I have even agreed with you, where you say things which make sense.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
APK, for the love of all that's holy... I don't give a shit about your hosts files. They aren't even relevant to this topic. And I post days later because I don't troll Slashdot day and night looking for perceived offenses to take umbrage at and scour comment histories to spam up with irrelevant bullshit.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Moron, I don't even HAVE mod points. And even if I did, ACs can't moderate, so logging out of my account wouldn't allow me to downmod your post anyway.
Have you considered seeking help? You ave all the signs of paranoid schizophrenia.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
What are you sniveling about now? no-ip.com wasn't seized. The authoritive NS records for the domain still point to Vitalwerks' servers. Ditto for the other no-ip ccTLDs - all of which you listed. Face it, your list is wrong, and RANDOMLY capitalising and bolding WORDS doesn't change that fact, or that hosts files are irrelevant to this discussion.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".