watchNS/slack.com - moin.dnsq.info

1. slack.com

Contents

slack.com
history

DNSSEC関連の設定ミスでアクセスできないとの悲鳴が続く。-- ToshinoriMaeno 2021-10-01 23:56:04

DNSSEC 設定に失敗した。
設定していたDS+DNSKEYレコードを抹消した。(TTL 1日) キャッシュを考慮しない操作。
quad8がどう対応したのか、おかしな憶測がでている。
- 誰かがcache flush したとの情報がある。

dnsviz で DNSSEC関連を追跡できる。

https://lists.dns-oarc.net/pipermail/dns-operations/2021-September/021340.html

/dns-operations

DSレコードに対応するNS(dnskey) がないのであれば、DSレコード(キャッシュ)を取直せばいいと思うが。

https://lists.dns-oarc.net/pipermail/dns-operations/2021-October/021369.html

Some information on what happened during this incident with the Google Public DNS service.

* GPDNS did not configure an NTA for slack.com
* We observed a small percentage of SERVFAILs during 10:05-10:47 AM PT on 20210930.
 Which was fixed by
* a number of user-initiated cache flush requests for slack.com
records (dname, ds, a, soa) between 10:46 AM to 11:28 AM PT on
20210930.

Our general policy on NTAs is to only add them after evaluating the
specific scenario. We never add them by default.

-Puneet

https://news.ycombinator.com/item?id=28709988

https://twitter.com/Petr52898131/status/1443959135498686467

https://twitter.com/TheRegister/status/1443658850511425540

 but yes backing out of it without taking the cached DS into account seems to be the big issue.

https://twitter.com/hixxxxxhi/status/1443868095576035330?s=20

｢1%の利用者に影響｣という誤魔化し。(新たな手口) これで調べてみればよかった。

https://dnschecker.org/#DS/slack.com

2. history

   Domain Name: SLACK.COM
   Registry Domain ID: 900992_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.markmonitor.com
   Registrar URL: http://www.markmonitor.com
   Updated Date: 2021-09-30T16:10:03Z
   Creation Date: 1992-10-21T04:00:00Z
   Registry Expiry Date: 2023-10-20T04:00:00Z
   Registrar: MarkMonitor Inc.
   Registrar IANA ID: 292
   Registrar Abuse Contact Email: abusecomplaints@markmonitor.com
   Registrar Abuse Contact Phone: +1.2083895740
   Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
   Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
   Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
   Name Server: NS-1493.AWSDNS-58.ORG
   Name Server: NS-166.AWSDNS-20.COM
   Name Server: NS-1901.AWSDNS-45.CO.UK
   Name Server: NS-606.AWSDNS-11.NET
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2021-10-01T23:56:18Z <<<

CategoryDns CategoryWatch CategoryTemplate