The Register® — Biting the hand that feeds IT

Comments on: Sophos DNS snafu creates update problems

Who needs hackers 

Posted Friday 5th September 2008 14:44 GMT

when you can rely on service providers?

Classic "SPA," or "Service Provider Attack" 

Posted Friday 5th September 2008 14:48 GMT

The largest SPA I remember was the AT&T @home snafu, where millions of e-mail addresses were lost.

Nice to see Sophos isn't immune to their own people. Though I wonder how soon the "attack" was really reported. Doesn't Sophos ask their customers to update their anti-virus software every hour?!

Situation Normal then 

Posted Friday 5th September 2008 21:50 GMT

I can't imagine it matters, last I checked Sophos couldn't spot a virus or anything of that ilk if it tried. Status usual.

UK site unaffected? 

Posted Friday 5th September 2008 22:37 GMT

I can't access either the .com or the .co.uk. Maybe that's just a freak coincidence at my end!

I'd like to know 

Posted Saturday 6th September 2008 10:20 GMT

Why their AV tries to fetch updates by a domain name rather than an IP address.

If they had made it update by using IP addresses this wouldn't have been such a serious problem.

@Situation Normal then 

Posted Saturday 6th September 2008 11:51 GMT

Oh look, another Norton Anti-Virus User!

Sophos-DNS isn't hosted externally 

Posted Monday 8th September 2008 04:01 GMT

It's somewhat nice reading that they blame an external provider for their DNS-issues - according to WHOIS they run their own DNS-servers, and a tracert to one of them proves this:

Tracing route to ns4.sophos.com [213.31.172.25]
over a maximum of 30 hops:

 1   <1 ms   <1 ms   <1 ms  BLANKED OUT
 2    1 ms   <1 ms   <1 ms  BLANKED OUT
 3    8 ms    8 ms    7 ms  BLANKED OUT
 4    8 ms    7 ms    8 ms  BLANKED OUT
 5   11 ms   11 ms   10 ms  BLANKED OUT
 6   11 ms   11 ms   11 ms  BLANKED OUT
 7   12 ms   12 ms   12 ms  BLANKED OUT
 8   12 ms   12 ms   12 ms  t2c2-ge12-0-0.de-fra.eu.bt.net [166.49.172.101]
 9   12 ms   11 ms   12 ms  t2a4-prc2.de-fra.eu.bt.net [166.49.172.52]
10   19 ms   18 ms   19 ms  frankfurt55.de.eqip.net [166.49.147.174]
11   27 ms   26 ms   26 ms  195.90.66.74
12   27 ms   28 ms   27 ms  195.206.65.37
13   30 ms   31 ms   30 ms  sophos-abingdon.gb.eqip.net [213.31.192.130]
14   32 ms   32 ms   32 ms  ns4.sophos.com [213.31.172.25]
15   32 ms   31 ms   33 ms  ns4.sophos.com [213.31.172.25]

Trace complete.

I assume that the second nameserver is also being maintained by Sophos, directly, but due to requirements of DNS-servers having to sit in different IP-address-segments this one doesn't resolve directly into Sophos HQ, naturally.

Re- I'd like to know 

Posted Monday 8th September 2008 06:21 GMT

Domain names you keep as long as you want to re-register them, whereas IP addresses may change if you move service provider. The Domain name should therefore remain a constant.

Plus, IPv6 will eventually arrive making domain names far more important than they are under IPv4, as the IPv4's 12 numeric digits are easier to recall than the IPv6's 32 digit hex format.

Regards

Max Gabriel Lock

Is it ...... ? 

Posted Monday 8th September 2008 14:34 GMT

Is it 'cos their product is shit?

LO Matt ... s'cuse the pun but... 

Posted Tuesday 9th September 2008 11:31 GMT

Is it 'cause they is Hakt?

Anyway - my 2d = DNS - Does Not Synchronise - LMAO
