20 Aug
2013
20 Aug
'13
2:04 p.m.
Yo,
And because those clever bastards injected wrong ip addresses for ns1.ip- plus.net and ns2.ip-plus.net with a long TTL to DNS caches this also affects other ip plus customers because the caches start asking the wrong IP for zone data of any zone hosted on those DNS.
Hint: Use DNSSEC Signatures. Caches would not have accepted the injected records (unless they are correctly signed of course).
I wonder if maybe only the ns1.ip-plus.net and ns2.ip-plus.net glue records at our ccTLD registry got altered. This would have lead to the same problem.
Mit freundlichen GrĂ¼ssen
Benoit Panizzon
--
I m p r o W a r e A G -
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 07
CH-4133 Pratteln Fax +41 61 826 93 02
Schweiz Web http://www.imp.ch
______________________________________________________