Home » News » Roundups
MS-DNS
23 January 2001 07:00 UTC - ?
'Microsoft's DNS configuration equals the membership dues for the sub-fifty IQ club.' - Greg Keefe
In the early evening of Tuesday 23 January 2001 Microsoft's DNS went down - and took Hotmail, Passport and Microsoft sites world-wide with it, starting the greatest DNS disaster in Internet history. This comes at a time when the Redmond monster wants the world to trust in its systemware and its Internet server software even more than before: .NET 'technology' will attempt to run critical applications off the web itself.
And thus the questions: Does Microsoft really know what they are doing? Experts who demonstrably do know what they are doing, who manage large networks and DNS support, are worried.
Microsoft outsources its DNS to Akamai. At least one server there will be running the Happy Penguin.
The real story behind the recent outage at microsoft.com told here for the very first time.
'I was appalled to find out that the DNS records for MICROSOFT.COM show that the primary and secondary name servers are, in fact, one and the same. This is contrary to all established standards for a robust network.'
'National or global organizations should, as standard operating procedure, have their DNS servers on different networks served by different ISPs and running on different operating systems - Solaris and FreeBSD, or Linux and HPUX - so as to minimize the threats for DoS attacks, known OS vulnerabilities, and connectivity issues.'
First it was the BellSouth backbone; now it's Microsoft's own domains. The victory march continues.
Microsoft say their second total failure on Thursday 25 January was not the result of shoddy DNS networking but a concerted DDoS attack. But was it?
'If they had done their job right in the first place, it simply would not have mattered if a router went down, because there would have been no single point of failure in their DNS setup.'
|