Microsoft Having Problems?
Story at Eleven.
By John Holstein, Cotse Help Desk Coordinator
Back in October, I wrote an editorial on the outcome of not patching your Operating System/Web Server software. In particular, I pointed out the security vulnerabilities within the infrastructure of Microsoft Web Servers. Early this morning (2:45 a.m. EST) our members discovered a problem at Microsoft.
While attempting to connect to Microsoft's Website we found that we could not route to host. After examination, we found that a tracert stopped three hops prior to their primary DNS server.
From what we have seen this morning, Microsoft-Dot-Net was also down for a period of time. Later this a.m., I was able to directly jump to an internal Microsoft page grabbed from a search engine, leading me to believe that the problem lies within their DNS. This may or may not be the case; only time will tell.
I am 100% sure that Microsoft will not put the sites back up until the problems are resolved. I know I wouldn't. It looks bad for an organization to go down in the first place; it looks worse when they can't stay back up when they *get it fixed*.
After further investigation, we find that all four of their DNS servers are on the same subnet. Duh! Who thought of that? Isn't that one of the "golden rules" of network engineering? Don't put all your eggs (did I say EGG?) in one basket.
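The check behind that observation can be automated. The following is an added example, not part of the original editorial: it groups a zone's nameserver addresses by covering network and flags the case where every server lands in one. The hostnames and addresses are constructed (RFC 5737 documentation ranges), and the /24 and /48 grouping is an assumption, since the article does not give the subnet size.

```python
import ipaddress
from collections import defaultdict

# Prefix lengths used to approximate "same subnet" (assumption, not from the article).
V4_PREFIX = 24
V6_PREFIX = 48

def covering_network(addr):
    """Return the /24 (IPv4) or /48 (IPv6) network that contains addr."""
    ip = ipaddress.ip_address(addr)
    prefix = V4_PREFIX if ip.version == 4 else V6_PREFIX
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def audit_ns_diversity(nameservers):
    """nameservers: dict of NS hostname -> list of address strings.

    Returns (groups, findings). groups maps each covering network to the
    sorted NS hostnames with an address inside it; findings lists problems.
    """
    buckets = defaultdict(set)
    for host, addrs in nameservers.items():
        for addr in addrs:
            buckets[covering_network(addr)].add(host)
    groups = {net: sorted(hosts) for net, hosts in buckets.items()}

    findings = []
    if len(nameservers) < 2:
        findings.append("fewer than two nameservers")
    elif len(groups) == 1:
        net = next(iter(groups))
        findings.append(f"all {len(nameservers)} nameservers sit in {net}")
    else:
        # Partial overlap: some servers still share a failure domain.
        for net, hosts in groups.items():
            if len(hosts) > 1:
                findings.append(f"{', '.join(hosts)} share {net}")
    return groups, findings

# Constructed sample data: four servers in one subnet, then a spread layout.
SINGLE_SUBNET = {f"ns{i}.example.test": [f"192.0.2.{9 + i}"] for i in range(1, 5)}
SPREAD = {
    "ns1.example.test": ["192.0.2.10"],
    "ns2.example.test": ["198.51.100.10"],
    "ns3.example.test": ["203.0.113.10"],
    "ns4.example.test": ["203.0.113.11"],
}

if __name__ == "__main__":
    for name, zone in (("single subnet", SINGLE_SUBNET), ("spread", SPREAD)):
        print(name, audit_ns_diversity(zone)[1])
```

Distinct prefixes are necessary but not sufficient: servers in different subnets can still sit behind the same router or upstream link.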
When we speak of a Distributed Denial of Service attack (DDoS) against a company, we speak of several high powered computer systems, backboned on high speed data connections producing multiple hits toward a router, server or other network device with various packet sizes. What about an Internal DDoS? What is the designation when engineers cause the Denial of Service? I have a name for it. Stupidity.
If that's the case here, I can also become a fortune teller: "...Mr. Technician, I see bad things coming to you. I see terrible things. I see a giant beast swallowing up your career, sending you to the dreaded ISP Tier 1 Helpdesk Support making one-eighth the salary you make now... I see terrible things, Mr. Technician..." God, would I hate to be in the shoes of the person that this may point to...
We checked the "whois" at NetSol to see if someone had hijacked the domain name; all information seemed to be correct. This also pointed out another situation: maybe all these "distributed clients" for cracking a crypto-key with 20,000 distributed computer systems were actually trying to crack the key to Microsoft's crypto-pass for their domain name. LOL!!!
Of course we don't know the specifics, and probably never will, so from the information we have gleaned, everything contained herein is purely speculative. However, as you and I both know, the information we obtain is real time and gives us the correct answer: Microsoft is/was down.
One of the most heavily hit websites on the net and *the* most heavily hit of the Software Vendors is/was down. Doesn't this raise some eyebrows?
Needless to say, we will hear the Spin Doctors at Microsoft tell us their version of the story. Just to let you know, we _will_be_ keeping our eye on this.
The outcome of this should send ripples throughout the Networking/Security worlds for some time to come.