Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - What's up with fbi.gov DNS? InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

What's up with fbi.gov DNS?

Published: 2011-11-11
Last Updated: 2011-11-11 16:49:30 UTC
by Rick Wanner (Version: 2)
7 comment(s)

We received a report from a reader that fbi.gov, is not resolving. Sure enough, when I do a nslookup or dig, I do not receive an answer from the authoritative server.

$ nslookup fbi.gov

Non-authoritative answer:
Name:    fbi.gov
Address: 209.251.178.99

Digging a little deeper it appears it may be a problem with a DNSSEC key. If you follow the DNS server chain, it appears to be ok.

 Update: We have some indication this is wider than fbi.gov.  It appears there was a  major Internet outage in the New York area.  Most likely fbi.gov switched over to an alternate DNS that didn't have its DNSSec configured correctly.  There is no indication that this is due to any kind of attack.

-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Keywords: dns fbigov
7 comment(s)
Diary Archives