Chile NIC explains Great Firewall incident
Chile NIC has released a pretty detailed statement explaining what happened earlier this week, as networks in Chile started sending DNS queries to China, and getting unreliable -- Great Firewall of China style -- results.
There are still a lot of unanswered questions, the main one being, how exactly did this happen, but you can see some speculation here. I've asked Global Crossing for a comment, but have yet to hear back from them.
The statement is in Spanish, but here's a (not entirely reliable) Google Translation of it.
NS ABNORMAL BEHAVIOR OF 24/03/2010
On Wednesday, 24 March 2010, thanks to information provided by engineers VTR, Mauricio Vergara
DNS Manager. CL NIC Chile, announced through a mailing list run by operators
DNS-OARC, a strange anomaly involving the alteration of data in DNS responses from one of the
Servers Root Server "I" located in China which affected areas such as Facebook.com, Twitter.com and
Youtube.com.
1 .- The encountered problem continues?
As we learned through Autonomica / Netnod (Swedish Organization, root-server operators
? I?), They would shut down the connection on your node located in China, and as we have reviewed, we have
again detected abnormal behavior again.
2 .- Do you know which ISPs were affected?
According to what we can detect, at least in Chile were affected ISPs VTR, Telmex and some
others who use Global Crossing as its provider of international connections.
On a server NIC Chile operates in California, it could also detect this fact. However, it was not possible
determine through which Internet provider that traffic passed, whether through Network Solutions or
EQUINIX through.
3 .- What would explain that someone made a root server announcements from China to the rest of the world?
Consultation of the root servers are made to any of the 13 root servers located throughout the world;
these servers are identified by a letter from the? A? to? M?. The root server? I?, Like almost everything
Continue Reading
Print
There are still a lot of unanswered questions, the main one being, how exactly did this happen, but you can see some speculation here. I've asked Global Crossing for a comment, but have yet to hear back from them.
The statement is in Spanish, but here's a (not entirely reliable) Google Translation of it.
NS ABNORMAL BEHAVIOR OF 24/03/2010
On Wednesday, 24 March 2010, thanks to information provided by engineers VTR, Mauricio Vergara
DNS Manager. CL NIC Chile, announced through a mailing list run by operators
DNS-OARC, a strange anomaly involving the alteration of data in DNS responses from one of the
Servers Root Server "I" located in China which affected areas such as Facebook.com, Twitter.com and
Youtube.com.
1 .- The encountered problem continues?
As we learned through Autonomica / Netnod (Swedish Organization, root-server operators
? I?), They would shut down the connection on your node located in China, and as we have reviewed, we have
again detected abnormal behavior again.
2 .- Do you know which ISPs were affected?
According to what we can detect, at least in Chile were affected ISPs VTR, Telmex and some
others who use Global Crossing as its provider of international connections.
On a server NIC Chile operates in California, it could also detect this fact. However, it was not possible
determine through which Internet provider that traffic passed, whether through Network Solutions or
EQUINIX through.
3 .- What would explain that someone made a root server announcements from China to the rest of the world?
Consultation of the root servers are made to any of the 13 root servers located throughout the world;
these servers are identified by a letter from the? A? to? M?. The root server? I?, Like almost everything
Continue Reading
Previous Post: Online retailer Monoprice takes its site down as customers complain of fake...Next Post: Netnod -- Bad DNS information wasn't our fault
What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
WHITE PAPER
Reduce Email Archives up to 60%
Are you considering implementing a proactive archiving and eDiscovery solutions? This paper summarizes 15 separate soft cost savings when implementing Symantec Enterprise Vault and the Clearwell eDiscovery Platform.
WHITE PAPER
Aberdeen Report: To Patch, or Not to Patch? (Not If, But How)
The report explores the correlation between the current use of patch management and the level of endpoint-related risk that companies are effectively accepting.
Recent Comments
Webcasts
- The CISO's Survival Guide to Securing Data
- Data Privacy and Protection in Production Environments: New Research from Ponemon Institute
- FireEye Advanced Threat Protection KnowledgeVault
- Five Tips to Consider in a Data Security Strategy for Smartphones and Tablets
- Moving Your Email to the Trusted Cloud
- Comprehensive Server Protection
White Papers
