Nov 02 2008

Everything is a Funky DNS Problem

Tom dropped me a mail today letting me know that all the links to my RSS feed were broken.
I tested, and tested again and failed to reproduce the problem.

The only things I had changed recently where the administrator menu module and Pathauto module, apart from that I had not made any changes. So I tried uninstalling the modules to see if that helped, it didn't. There was no difference between the 2 setups.

When I replied to Tom that I couldn't reproduce the problemm he told me he only had the problem on http://krisbuytaert.be/ and not on http://www.krisbuytaert.be/

So I verified the apache vhost config and it turned out that the problem, as usual, was a frigging DNS problem.
Both Apache vhost config files had a different setup, so depending on how you arrived at this site you got a different config.

Annoying .. but I guess I owe Tom a beer for figuring this out and pointing me to my own DNS problem.

Sep 25 2008

Is the internet ready ?

Tarry pointed us to an article questioning if the internet is ready for cloud computing.

The short summary,
the biggest challenge is DNS.

Is DNS going to be secure enough, scalable enough etc.

Don't say I didn't warn you .. "Everything is a Freaking DNS Problem !"

Jul 31 2008

DNS Victims

Everything is a freaking DNS problem , and when you warn people about it , you get a piece of your own cake ;(

So it seems that HD Moore was Misquoted in the press.

So there's victims and victims. Surely Metasploit's credibility will go down as lots of people will only read the first article .. let alone the Metasploit blog that has more details.

Jul 10 2008

Major DNS Update

A lot of discussion is going on around yesterday major DNS upgrade push
Is it needed, is it overkill, are we fixing a new hot flaw or just reiterating over a 4 year old RFC

Yes Dan from DJB DNS already told us ages ago .. but Dan isn't the most loved person on the planet. Now as long as he doesn't head in the direction of that other unpopular filesystem guy :)

Anyhow .. CVS information is here and you can read up on some more background at Securosis

Add to that the fresh release of Unbound and security is back in style just like Chris Hoff said during the VirtSec debate :

“To me, security is like bell bottoms, every 10-15 years or so, it comes back into style.”

Feb 25 2008

Do you trust your current DNS server ?

Darkreading has a report on the next big dns threat according to Paul Mockapetris. DNS corruption. When a user connects to his ISP, or to a Wifi port, certainly a free one.
He has absolutely no idea about the state of the DNS server.

So a user working off a public WiFi port, for example, is at the mercy of the DNS servers it uses, which "could easily be malicious,"

Indeed it might be hacked, it might be modified on purpose, pointing your browser to somesite totally different than you want to .. while you're not expecting it.


  1. [sdog@mine ~]$ cat /etc/resolv.conf
  2. nameserver

Nov 27 2007

Belgian DNS woes

Tim just explained that Easynet is suffering from a routing loop. Causing dns.be to be unreachable for some folks. So sometimes the cause is not a dns problem, only the result is :)

Sep 03 2007

Buy the T-Shirt

Couple of people again have asked me where I got the t-shirt

I actually made it myselve and you can buy it from Spreadshirt

Aug 07 2007

Brandweer Waarschoot

The Brandweer Waarschoot has a funky DNS problem.
Weird how the "real press" claims their site has been "hacked".

Well.. it happened to everybody and their rother earlier this decade .. they only got lucky a brave soul used his credit card for the right goal.

Jan 17 2006


Jan 17 20:32:35 cnode1 ccsd4672: cluster.conf (cluster name = my_cluster, version = 5) found.
Your host name maps to the loopback device rather than a real network interface.Please change your /etc/hosts file so that your host name has a proper IP
address, as a cluster cannot function over the loopback interface.
root@cnode1 modules# Jan 17 20:32:42 cnode1 ccsd4672: Unable to connect to cluster infrastructure after 30 seconds.