1. slack.com

DNSSEC関連の設定ミスでアクセスできないとの悲鳴が続く。-- ToshinoriMaeno 2021-10-01 23:56:04

dnsviz で DNSSEC関連を追跡できる。

https://lists.dns-oarc.net/pipermail/dns-operations/2021-September/021340.html

/dns-operations

DSレコードに対応するNS(dnskey) がないのであれば、DSレコード(キャッシュ)を取直せばいいと思うが。

https://lists.dns-oarc.net/pipermail/dns-operations/2021-October/021369.html

Some information on what happened during this incident with the Google Public DNS service.

* GPDNS did not configure an NTA for slack.com
* We observed a small percentage of SERVFAILs during 10:05-10:47 AM PT on 20210930.
 Which was fixed by
* a number of user-initiated cache flush requests for slack.com
records (dname, ds, a, soa) between 10:46 AM to 11:28 AM PT on
20210930.

Our general policy on NTAs is to only add them after evaluating the
specific scenario. We never add them by default.

-Puneet

https://news.ycombinator.com/item?id=28709988

https://twitter.com/Petr52898131/status/1443959135498686467

https://twitter.com/TheRegister/status/1443658850511425540

 but yes backing out of it without taking the cached DS into account seems to be the big issue.

https://twitter.com/hixxxxxhi/status/1443868095576035330?s=20

「1%の利用者に影響」という誤魔化し。(新たな手口) これで調べてみればよかった。

2. history

   Domain Name: SLACK.COM
   Registry Domain ID: 900992_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.markmonitor.com
   Registrar URL: http://www.markmonitor.com
   Updated Date: 2021-09-30T16:10:03Z
   Creation Date: 1992-10-21T04:00:00Z
   Registry Expiry Date: 2023-10-20T04:00:00Z
   Registrar: MarkMonitor Inc.
   Registrar IANA ID: 292
   Registrar Abuse Contact Email: abusecomplaints@markmonitor.com
   Registrar Abuse Contact Phone: +1.2083895740
   Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
   Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
   Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
   Name Server: NS-1493.AWSDNS-58.ORG
   Name Server: NS-166.AWSDNS-20.COM
   Name Server: NS-1901.AWSDNS-45.CO.UK
   Name Server: NS-606.AWSDNS-11.NET
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2021-10-01T23:56:18Z <<<


CategoryDns CategoryWatch CategoryTemplate

MoinQ: watchNS/slack.com (last edited 2021-10-03 00:44:12 by ToshinoriMaeno)