Feeds

Microsoft brings web sites back into play

Cock-up not crackers behind web site outage, say MS

  • alert
  • submit to reddit

SANS - Survey on application security programs

Microsoft has confirmed that problems with its domain name servers were behind the outage of all its main Web sites today, and said that the problem had been fixed making the sites available.

From the early hours of this morning until late afternoon www.microsoft.com, msn.com, expedia.co.uk and msnbc.com were all unavailable. The software giant's Hotmail service was also unavailable.

A company spokeswoman said the sites were now available and confirmed the diagnosis supplied by Register readers, that domain name server problems were responsible for the blackout, was correct.

"Temporary problems with domain name servers, which were not responding to requests, were responsible for this problem, not security issues. Microsoft has not
been subject to a denial of service attack," she said.

The root cause of the outage is yet to be properly explained but early analysis of the situation points to human stupidity rather than hostile hacker action as been behind the whole debacle. Microsoft initially dismissed speculation that weekend problem with DNS servers that made Microsoft's site unavailable for some are related to its problems today, but this is now considered a strong possibility.

After we ran our initial story on the Great Satan of Software's Web Site blackout, Register readers quickly diagnosed that Microsoft's domain name servers were out of commission. Its four domain name servers were are all running, but none are able to locate where www.microsoft.com is.

Another reader pointed that, according to the whois database, both microsoft.com and msn.net rely on the name servers at xxx.msft.net

He said that Microsoft has all it's name servers in one subnet, and that this subnet was either down or unreachable.

Cotse.com, a specialist Web site for computer technicians, said that use of only one subnet broke one of the 'golden rules' of network engineering and meant Microsoft was effectively putting "all its eggs in one basket".

Throughout the whole debacle Microsoft's Web server itself was NOT down and is accessible here or here, and weirdly via microsoft.com. ®

Related Story

Microsoft confirms Web site blackout

3 Big data security analytics techniques

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.