Skip to content

Instantly share code, notes, and snippets.

@bortzmeyer
Created June 15, 2017 05:36
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bortzmeyer/da1a6fc2dec69e7981dd00e01986b51e to your computer and use it in GitHub Desktop.
Save bortzmeyer/da1a6fc2dec69e7981dd00e01986b51e to your computer and use it in GitHub Desktop.
Historique du domaine wlp-acs.com (utilisé par 3Dsecure)

Cause probable de la panne 3d Secure du 14 juin (vers 0840 UTC). L'historique récent du domaine, vu par DNSDB :

% isc-dnsdb-query rrset wlp-acs.com/NS
;;  bailiwick: com.
;;      count: 2597
;; first seen in zone file: 2010-04-24 16:12:21 -0000
;;  last seen in zone file: 2017-06-14 16:02:38 -0000
wlp-acs.com. IN NS ns3.atos.net.
wlp-acs.com. IN NS ns4.atos.net.

;;  bailiwick: com.
;;      count: 514827
;; first seen: 2010-06-24 05:52:49 -0000
;;  last seen: 2017-06-15 04:37:49 -0000
wlp-acs.com. IN NS ns3.atos.net.
wlp-acs.com. IN NS ns4.atos.net.

;;  bailiwick: com.
;;      count: 14
;; first seen: 2017-06-14 08:36:04 -0000
;;  last seen: 2017-06-14 09:48:42 -0000
wlp-acs.com. IN NS sk.s5.ans1.ns148.ztomy.com.
wlp-acs.com. IN NS sk.s5.ans2.ns148.ztomy.com.

;;  bailiwick: wlp-acs.com.
;;      count: 830396
;; first seen: 2010-06-24 05:52:49 -0000
;;  last seen: 2017-06-15 03:59:47 -0000
wlp-acs.com. IN NS ns3.atos.net.
wlp-acs.com. IN NS ns4.atos.net.

;;  bailiwick: wlp-acs.com.
;;      count: 5
;; first seen: 2017-06-14 08:42:35 -0000
;;  last seen: 2017-06-14 10:12:31 -0000
wlp-acs.com. IN NS sk.s5.ans1.ns148.ztomy.com.
wlp-acs.com. IN NS sk.s5.ans2.ns148.ztomy.com.

;;; Returned 5 RRsets in 0.14 seconds.
;;; DNSDB
@bortzmeyer
Copy link
Author

Après la remise en place du domaine

% isc-dnsdb-query rrset wlp-acs.com/NS
;;  bailiwick: com.
;;      count: 2597
;; first seen in zone file: 2010-04-24 16:12:21 -0000
;;  last seen in zone file: 2017-06-14 16:02:38 -0000
wlp-acs.com. IN NS ns3.atos.net.
wlp-acs.com. IN NS ns4.atos.net.

;;  bailiwick: com.
;;      count: 514827
;; first seen: 2010-06-24 05:52:49 -0000
;;  last seen: 2017-06-15 04:37:49 -0000
wlp-acs.com. IN NS ns3.atos.net.
wlp-acs.com. IN NS ns4.atos.net.

;;  bailiwick: com.
;;      count: 14
;; first seen: 2017-06-14 08:36:04 -0000
;;  last seen: 2017-06-14 09:48:42 -0000
wlp-acs.com. IN NS sk.s5.ans1.ns148.ztomy.com.
wlp-acs.com. IN NS sk.s5.ans2.ns148.ztomy.com.

;;  bailiwick: wlp-acs.com.
;;      count: 831083
;; first seen: 2010-06-24 05:52:49 -0000
;;  last seen: 2017-06-15 03:59:47 -0000
wlp-acs.com. IN NS ns3.atos.net.
wlp-acs.com. IN NS ns4.atos.net.

;;  bailiwick: wlp-acs.com.
;;      count: 5
;; first seen: 2017-06-14 08:42:35 -0000
;;  last seen: 2017-06-14 10:12:31 -0000
wlp-acs.com. IN NS sk.s5.ans1.ns148.ztomy.com.
wlp-acs.com. IN NS sk.s5.ans2.ns148.ztomy.com.

;;; Returned 5 RRsets in 0.09 seconds.
;;; DNSDB

@bortzmeyer
Copy link
Author

Certains caches DNS voient encore les mauvais serveurs de noms. Patience ! Vu par les sondes RIPE Atlas :

% atlas-resolve -r 1000 -t NS  wlp-acs.com 
[ns3.atos.net. ns4.atos.net.] : 954 occurrences 
[ERROR: FORMERR] : 1 occurrences 
[ERROR: SERVFAIL] : 1 occurrences 
[TIMEOUT(S)] : 7 occurrences 
[sk.s5.ans1.ns148.ztomy.com. sk.s5.ans2.ns148.ztomy.com.] : 34 occurrences 
Test #8860412 done at 2017-06-15T08:06:12Z

@bortzmeyer
Copy link
Author

Le domaine n'a normalement pas d'adresse associée. DNSDB voit ici l'adresse de parking, ce qui donne une bonne idée de la durée de la panne (prolongée par les caches, bien sûr) :

;;  bailiwick: wlp-acs.com.
;;      count: 21
;; first seen: 2017-06-14 08:43:07 -0000
;;  last seen: 2017-06-14 18:41:14 -0000
wlp-acs.com. IN A 208.91.197.46

;;; Returned 1 RRsets in 0.09 seconds.
;;; DNSDB

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment