Millions of dynamic DNS users suffer after Microsoft seizes No-IP...
Millions of dynamic DNS users suffer after Microsoft seizes No-IP...
Posted: 01 Jul 2014
Millions of dynamic DNS users suffer after Microsoft seizes No-IP domains
Millions of legitimate servers that rely on dynamic domain name services from No-IP.com suffered outages on Monday after Microsoft seized 22 domain names it said were being abused in malware-related crimes against Windows users.
Microsoft enforced a federal court order making the company the domain IP resolver for the No-IP domains. Microsoft said the objective of the seizure was to identify and reroute traffic associated with two malware families that abused No-IP services. Almost immediately, end users, some of which were actively involved in Internet security, castigated the move as heavy handed, since there was no evidence No-IP officially sanctioned or actively facilitated the malware campaign, which went by the names Bladabindi (aka NJrat) and Jenxcus (aka NJw0rm).
"By becoming the DNS authority for those free dynamic DNS domains, Microsoft is now effectively in a position of complete control and is now able to dictate their configuration," Claudio Guarnieri, co-founder of Radically Open Security, wrote in an e-mail to Ars Technica. "Microsoft fundamentally swept away No-IP, which has seen parts of its own DNS infrastructure legally taken away."
Order restored to universe as Microsoft surrenders confiscated No-IP domains
Microsoft has surrendered the 23 domain names it confiscated from dynamic domain hosting service No-IP.com, a move that begins the process of restoring millions of connections that went dark as a result of the highly controversial legal action.
At the time this post was being prepared, No-IP had recovered 18 of the domains and was in the process of reacquiring the remaining five from Public Interest Registry, the registrar dealing Internet addresses ending in .org, No-IP spokeswoman Natalie Goguen told Ars. People who rely on No-IP subdomains that don't end in .org should already have service restored, as long as the domain name service (DNS) server they use has been updated to reflect Wednesday's transfer. Users who are still experiencing connectivity problems should try using DNS services from Google or OpenDNS, which have both updated their lookups to incorporate the transfers.
I am on the side of Microsoft (No-IP not taking advised security measures is an obvious red flag), but I wonder how effective Microsoft's actions were in all this. I sincerely hope MS's actions were worth the costs they incurred for everyone's benefit.
Computer Type: PC/Desktop System Manufacturer/Model Number: Home made Desktop OS: Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64 CPU: Intel i7-6800K @ 4.3 Motherboard: ASUS X-99 Deluxe II Memory: Corsair Platinum 16 gig @2400 Graphics Card: EVGA GTX 1070 OC Monitor(s) Displays: Asus 27" LED LCD/VE278Q Screen Resolution: 1920-1080 or 1280-720 HDMI Keyboard: Das 4 Professional Mouse: Logitech M705/MX Anywhere 2-S PSU: EVGA Platium 1200W Case: Phanteks Luxe Tempered Glass 8 fans/ one radiator Cooling: XSPC/ Water Cooled CPU Hard Drives: INTEL SSD 730-240 Gb Sata 3.0/ Internet Speed: 100 mbits Browser: I.E. 11 default/Firefox/ ISP Time Warner Cable/Spectrum Antivirus: Microsoft Security Essentials/ Malwarebytes Premium 3.0/ SAS Other Info: LG BluRay Burner/
Sound system-KLipsch-THX/
Icy Dock ssd Hot Swap bays.
Computer Type: PC/Desktop System Manufacturer/Model Number: Home Built Desktop By DataTech OS: Windows 7 Ultimate X64 SP1 CPU: Intel i5-2550K, Differing ~4.4-4.8GHz No built in GPU Motherboard: ASUS P8Z68-V PRO/GEN3 Memory: 16GB G.Skill Sniper 1866MHz @ 2133MHz 2x8GB Graphics Card: ASUS GTX650TIB-DC2OC-2GD5, (650TI Boost) Sound Card: Onboard Realtek 5-1 Monitor(s) Displays: Samsung P2570HD Screen Resolution: 1920x1080 Keyboard: E-Z Eyes, bright yellow keys with large characters Mouse: steelseries SENSEI Laser Pro Gaming PSU: Corsair HX650W Case: Inwin Dragon Rider Cooling: Hyper 212 EVO w/two Noctua fans, push-pull, @1300 RPM Hard Drives: Samsung 840 Pro 256GB SSD for OS, 500GB Seagate Constellation (Enterprise drive) for Data Internet Speed: 48-51Mbs Mbs down, 11 Mbs up Xfinity Cable Browser: IE 10, Opera, Pale Moon if needed Antivirus: Norton Internet Security 2013 Other Info: 4 case fans, LG BluRay-RE, ASUS DVD-RW, Mr. Fusion power supply, 1.21 gigawatts.
That is pretty heavy handed. I wonder how they got a federal judge to sign-off on that one? That would be like shutting down AT&T because a group of people were making obscene phone calls.
I only know about this chain of events so far as what I've read of it on ArsTechnica and Slashdot, but I am going to wager a guess that the focal point was No-IP allegedly not taking the appropriate measures that Microsoft and Cisco had advised them with.
When you advise someone that their assets are being abused and even advise them of the proper actions to take to address that and they keeps turning a blind eye or acts deaf, what options are left other than to say to them "your gig's up" and resort to drastic measures?
I only know about this chain of events so far as what I've read of it on ArsTechnica and Slashdot, but I am going to wager a guess that the focal point was No-IP allegedly not taking the appropriate measures that Microsoft and Cisco had advised them with.
When you advise someone that their assets are being abused and even advise them of the proper actions to take to address that and they keeps turning a blind eye or acts deaf, what options are left other than to say to them "your gig's up" and resort to drastic measures?
I think that is most likely to be true. NO-IP was obviously not giving the right customer service, by detecting these ratbags and stopping the service from being misused.
Having said that, Microsoft cannot carry out such heavy-handed tactics in Europe. At This Moment In Time...
Computer Type: PC/Desktop System Manufacturer/Model Number: Home Built Desktop By DataTech OS: Windows 7 Ultimate X64 SP1 CPU: Intel i5-2550K, Differing ~4.4-4.8GHz No built in GPU Motherboard: ASUS P8Z68-V PRO/GEN3 Memory: 16GB G.Skill Sniper 1866MHz @ 2133MHz 2x8GB Graphics Card: ASUS GTX650TIB-DC2OC-2GD5, (650TI Boost) Sound Card: Onboard Realtek 5-1 Monitor(s) Displays: Samsung P2570HD Screen Resolution: 1920x1080 Keyboard: E-Z Eyes, bright yellow keys with large characters Mouse: steelseries SENSEI Laser Pro Gaming PSU: Corsair HX650W Case: Inwin Dragon Rider Cooling: Hyper 212 EVO w/two Noctua fans, push-pull, @1300 RPM Hard Drives: Samsung 840 Pro 256GB SSD for OS, 500GB Seagate Constellation (Enterprise drive) for Data Internet Speed: 48-51Mbs Mbs down, 11 Mbs up Xfinity Cable Browser: IE 10, Opera, Pale Moon if needed Antivirus: Norton Internet Security 2013 Other Info: 4 case fans, LG BluRay-RE, ASUS DVD-RW, Mr. Fusion power supply, 1.21 gigawatts.
In this case the courts gave permission to Microsoft.
How that all came about I really don't know. May be it's time for others to step up to the plate and help keep the internet a better place.
From my understanding Microsoft proved to the court that
No-IP with their methods were damaging Microsoft customers.
No-IP was probably damaging other companies customers but none stepped up to the plate to help their customers.
I do see the good and the bad in this action but I don't see another way of helping the the thousands or millions of the customers from No-IP lack of concern.
No-IP was nothing but a super highway for infections with some honest DNS thrown in to make it look legit.
Computer Type: PC/Desktop System Manufacturer/Model Number: Home made Desktop OS: Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64 CPU: Intel i7-6800K @ 4.3 Motherboard: ASUS X-99 Deluxe II Memory: Corsair Platinum 16 gig @2400 Graphics Card: EVGA GTX 1070 OC Monitor(s) Displays: Asus 27" LED LCD/VE278Q Screen Resolution: 1920-1080 or 1280-720 HDMI Keyboard: Das 4 Professional Mouse: Logitech M705/MX Anywhere 2-S PSU: EVGA Platium 1200W Case: Phanteks Luxe Tempered Glass 8 fans/ one radiator Cooling: XSPC/ Water Cooled CPU Hard Drives: INTEL SSD 730-240 Gb Sata 3.0/ Internet Speed: 100 mbits Browser: I.E. 11 default/Firefox/ ISP Time Warner Cable/Spectrum Antivirus: Microsoft Security Essentials/ Malwarebytes Premium 3.0/ SAS Other Info: LG BluRay Burner/
Sound system-KLipsch-THX/
Icy Dock ssd Hot Swap bays.
