My next class:

Network Solutions Outage

Published: 2013-07-17. Last Updated: 2013-07-17 15:28:23 UTC
by Johannes Ullrich (Version: 1)
3 comment(s)

Network Solutions appears to be experiencing an extended outage. Based on a note posted to Facebook, the note indicates that the outage may be related to a larger compromisse of customer sites.

"Network Solutions is experiencing a Distributed Denial of Service (DDOS) attack that is impacting our customers as well as the Network Solutions site. Our technology team is working to mitigate the situation. Please check back for updates."

The referenced blog website is currently responding slowly as well (it redirects to a networksolutions.com site, which may be affected by the overall outage of "networksolutions.com" ). After a couple minutes, the blog post loaded for me, and it is more or less a copy of the Facebook post above:

"On July 15, some Network Solutions customer sites were compromised. We are investigating the cause of this situation, but our immediate priority is restoring the sites as quickly as possible. If your site has been impacted and you have questions, please call us at 1-866-391-4357."

Various web sites hosting DNS with Network Solutions appear to be down as well as a result. The outage appears to be diminishing over the last 15-30 min or so (4pm GMT) with some affected sites returning back to normal.

This outage comes about 3-4 weeks after the bad DDoS mitigation incident that redirected a large number of Network Solution Hosted sites to an IP in Korea. (see http://blogs.cisco.com/security/hijacking-of-dns-records-from-network-solutions/ )

Network Solution's Facebook page: https://www.facebook.com/networksolutions

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

3 comment(s)
My next class:

Comments

We're feeling the pain, seeing about 25% success rates on direct queries to the NetSol name servers that are SOA for our domain. As TTLs expire, expecting it to get worse...
Our domain is getting results now, although the auth ns servers delivering our records still can't resolve their own names.
hmmm... I remember the old saying, "He couldn't find his *ss with both hands." Perhaps that can be updated to, "They can't resolve their own name with both hands"...

Diary Archives