Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Network Solutions Outage - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Network Solutions Outage

Network Solutions appears to be experiencing an extended outage. Based on a note posted to Facebook, the note indicates that the outage may be related to a larger compromisse of customer sites.

"Network Solutions is experiencing a Distributed Denial of Service (DDOS) attack that is impacting our customers as well as the Network Solutions site. Our technology team is working to mitigate the situation. Please check back for updates."

The referenced blog website is currently responding slowly as well (it redirects to a networksolutions.com site, which may be affected by the overall outage of "networksolutions.com" ). After a couple minutes, the blog post loaded for me, and it is more or less a copy of the Facebook post above:

"On July 15, some Network Solutions customer sites were compromised. We are investigating the cause of this situation, but our immediate priority is restoring the sites as quickly as possible. If your site has been impacted and you have questions, please call us at 1-866-391-4357."

Various web sites hosting DNS with Network Solutions appear to be down as well as a result. The outage appears to be diminishing over the last 15-30 min or so (4pm GMT) with some affected sites returning back to normal.

This outage comes about 3-4 weeks after the bad DDoS mitigation incident that redirected a large number of Network Solution Hosted sites to an IP in Korea. (see http://blogs.cisco.com/security/hijacking-of-dns-records-from-network-solutions/ )

Network Solution's Facebook page: https://www.facebook.com/networksolutions

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Intrusion Detection In-Depth - SIEM Summit & Training 2019

Johannes

3631 Posts
ISC Handler
We're feeling the pain, seeing about 25% success rates on direct queries to the NetSol name servers that are SOA for our domain. As TTLs expire, expecting it to get worse...
spooledone

7 Posts
Our domain is getting results now, although the auth ns servers delivering our records still can't resolve their own names.
spooledone

7 Posts
hmmm... I remember the old saying, "He couldn't find his *ss with both hands." Perhaps that can be updated to, "They can't resolve their own name with both hands"...
John

88 Posts

Sign Up for Free or Log In to start participating in the conversation!