I tried to get to cryptome, but it appears to be down. Any info ? - Neil M. Johnson mailto:njohnsn@iowatelecom.net
on Tue, Oct 02, 2001 at 07:11:19PM -0500, Neil Johnson (njohnsn@IowaTelecom.net) wrote:
I tried to get to cryptome, but it appears to be down.
Any info ?
Works from here. -- Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/ What part of "Gestalt" don't you understand? Home of the brave http://gestalt-system.sourceforge.net/ Land of the free Free Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org Geek for Hire http://kmself.home.netcom.com/resume.html [demime 0.97c removed an attachment of type application/pgp-signature]
Hmm, I get a "Cannot Find server or DNS error" I tried from work, and I tried it from home. Unless John had to ban both due to robot issues. Oh well.
There have been a half dozen folks who said today they could not access Cryptome, but it's accessible from here. And there are only a half dozen blocks of rampaging bots. However, we are in the process of switching the archives to new machines and IP address changes are in the works -- completion due any day now. I had thought that was the problem but at the moment cryptome.org and jya.com still go to the current machine. The reason for the change is that the current machine has been swamped with worms and our ISP, Verio, has not been able to get rid of them, not even with a total wipe of the storage and new programs, nor have any suggestions worked. So two new machines have been rented to try a fresh start. Cryptome on one, jya.com on the other -- heretofore both were on a single machine. Copies of the archives have been transferred, so there are two sets at the moment, the current box and the new ones. New addresses: cryptome.org 161.58.201.197 jya.com 128.121.222.215 We're dreading the ravenous worms coming, and the locust-plague of spiders and bots. We'll see which box gets hit first and from where the predators originate. Oddly, even before we loaded one of the machines its log showed a sustained worm attack of hours long error messages, then the hits ceased, as if worms withdrew to await http prey. Weird shit out there.
I can't reach it from here either, and doing a nslookup on cryptome.org comes back with nothing. -- Harmon Seaver, MLIS CyberShamanix Work 920-203-9633 Home 920-233-5820 hseaver@cybershamanix.com http://www.cybershamanix.com/resume.html
jya.com is fine, cryptome.org's dns servers haven't updated. You might well be using old BIND zone files, if your version of BIND was upgraded, make sure you check the SOA section of the zone file, as with newer versions different syntax was used, check out your logs for named errors on startup. Let me know if that makes any sense. --Gabe gabe@lurch:~$ whois cryptome.org Whois Server Version 1.3 Domain names in the .com, .net, and .org domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. Domain Name: CRYPTOME.ORG Registrar: NETWORK SOLUTIONS, INC. Whois Server: whois.networksolutions.com Referral URL: http://www.networksolutions.com Name Server: NS1.SECURE.NET Name Server: NS2.SECURE.NET Updated Date: 01-oct-2001 gabe@lurch:~$ host -a cryptome.org NS1.SECURE.NET Using domain server: Name: NS1.SECURE.NET Address: 192.41.1.10 Aliases: Trying null domain rcode = 0 (Success), ancount=2 The following answer is not authoritative: The following answer is not verified as authentic by the server: cryptome.org 114490 IN NS NS1.SECURE.NET cryptome.org 114490 IN NS NS2.SECURE.NET For authoritative answers, see: cryptome.org 114490 IN NS NS1.SECURE.NET cryptome.org 114490 IN NS NS2.SECURE.NET Additional information: NS1.SECURE.NET 86400 IN A 192.41.1.10 NS2.SECURE.NET 86400 IN A 161.58.9.10 -- "It's not brave, if you're not scared."
Both ns1.secure.net and ns2.secure.net are returning SERVFAIL for A record queries for cryptome.org. That almost certainly indicates a misconfiguration on those two machines. John, you may want to start harassing your new provider to fix this. Alternatively, it could be that those two servers are not the correct ones for cryptome.org; then getting a SERVFAIL would make some sense.
Another useful stopgap is the dynamic DNS providers, such as dyndns.org, which give you a third-level domain and convenient tools for updating your information. They're oriented towards the dial/dsl/cablemodem users who want to run web sites and other servers from machines that have dynamic IP addresses - your machine keeps them updated with your current address, so people who connect to yourmachine.theirservice.net get to wherever you are now.
At the moment it appears that Verio's DNS server failed to register cryptome.org as a valid domain name, whereas jya.com was. We've placed an order to correct that. We had ordered that the two domains be put on two different boxes, geographically distant, to avoid both sites going down if one was knocked out. Hey, there's WMD about called PATRIOT. However, now I learn that Verio uses one DNS server for the two boxes so an attacker needs only to throw one stone to kill both our birds. Grrr. That is what we wanted to avoid. A smart sales rep assured me that this was the way to go, after I had placed two orders for two machines to keep them separate. No need for that he said, let me tell you a better way. No doubt my simple-minded security method would have been breached by some Verio setup based on its own Japanese government spying principles, which is to say I can't escape being terrorized by Ashcroft. What's the connection among Code Red, Nimda and Carnivore?
At 05:52 AM 10/03/2001 -0700, John Young wrote:
However, now I learn that Verio uses one DNS server for the two boxes so an attacker needs only to throw one stone to kill both our birds. Grrr. That is what we wanted to avoid.
A smart sales rep assured me that this was the way to go, after I had placed two orders for two machines to keep them separate. No need for that he said, let me tell you a better way. No doubt my simple-minded security method would have been breached by some Verio setup based on its own Japanese government spying principles, which is to say I can't escape being terrorized by Ashcroft.
Domain names are supposed to have at least one primary DNS server and at least one secondary DNS server, and some names will arrange to have more than one secondary. It wouldn't be at all surprising if Verio uses one server as the primary for both names and one as the secondary for both. It's probably worthwhile for you to arrange another secondary - there are crypto-friendly sites that will probably be happy to do so (e.g. toad.com, havenco.com, thebunker.net, etc.)
John Young wrote:
At the moment it appears that Verio's DNS server failed to register cryptome.org as a valid domain name, whereas jya.com was. We've placed an order to correct that.
FYI it works fine from over here & has for a while. nslookup www.cryptome.org Name: cryptome.org Address: 161.58.201.197 Aliases: www.cryptome.org nslookup jya.org Non-authoritative answer: Name: jya.org Address: 216.248.201.38
We had ordered that the two domains be put on two different boxes, geographically distant, to avoid both sites going down if one was knocked out. Hey, there's WMD about called PATRIOT.
However, now I learn that Verio uses one DNS server for the two boxes so an attacker needs only to throw one stone to kill both our birds. Grrr. That is what we wanted to avoid.
Do you mean that there really is only one nameserver? If so that would be a large-scale dereliction of duty for a respectable ISP. Or that there are two (or more) servers, but both your entries are on the same ones? That would be OK.
A smart sales rep assured me that this was the way to go, after I had placed two orders for two machines to keep them separate. No need for that he said, let me tell you a better way. No doubt my simple-minded security method would have been breached by some Verio setup based on its own Japanese government spying principles, which is to say I can't escape being terrorized by Ashcroft.
What's the connection among Code Red, Nimda and Carnivore?
Nasty computer programs written by clever but socially deprived authors? Ken Brown
John Young writes:
We had ordered that the two domains be put on two different boxes, geographically distant, to avoid both sites going down if one was knocked out. Hey, there's WMD about called PATRIOT.
The DNS has redundancy designed into it; there is no real advantage to having a disjoint set of servers for the two domains. You may as well have the widest possible set of servers for both.
However, now I learn that Verio uses one DNS server for the two boxes so an attacker needs only to throw one stone to kill both our birds. Grrr. That is what we wanted to avoid.
That doesn't seem right; traceroutes to both servers indicate that they are likely topologically distant. One appears to be around Washington, DC, and the other somewhere on the west coast.
A smart sales rep assured me that this was the way to go, after I had placed two orders for two machines to keep them separate. No need for that he said, let me tell you a better way. No doubt my simple-minded security method would have been breached by some Verio setup based on its own Japanese government spying principles, which is to say I can't escape being terrorized by Ashcroft.
Indeed so.
On Tuesday, October 2, 2001, at 06:28 PM, Neil Johnson wrote:
Hmm, I get a "Cannot Find server or DNS error"
I tried from work, and I tried it from home.
Unless John had to ban both due to robot issues.
Oh well.
You sure you're entering cryptome.org, and not cryptome.com? I jut tried it yet again, 8:20 pm PDT, and it works fine. --Tim May
Yep, http://cryptome.org The IP address that John sent DOES work, so it is looking like an DNS issue. -Neil ----- Original Message ----- From: "Tim May" <tcmay@got.net> To: <cypherpunks@lne.com> Sent: Tuesday, October 02, 2001 10:23 PM Subject: Re: cryptome down ?
On Tuesday, October 2, 2001, at 06:28 PM, Neil Johnson wrote:
Hmm, I get a "Cannot Find server or DNS error"
I tried from work, and I tried it from home.
Unless John had to ban both due to robot issues.
Oh well.
You sure you're entering cryptome.org, and not cryptome.com?
I jut tried it yet again, 8:20 pm PDT, and it works fine.
--Tim May
Agreed. It is a DNS issue. nslookup from one box without cryptome.org cached gives me: "can't find cryptome.org: Non-existent host/domain" John might want to temporarily redirect cryptome.org to the IP address (if his setup allows him to) so people get the hint, and make a note of the IP address in large type on his homepage. Since John talked about some server changes with Verio, it's likely their DNS problem. Also, whois shows the cryptome.org record was updated Oct 1 and is pointing to secure.net, whatever that is. -Declan On Tue, Oct 02, 2001 at 10:41:13PM -0500, Neil Johnson wrote:
Yep, http://cryptome.org
The IP address that John sent DOES work, so it is looking like an DNS issue.
-Neil
----- Original Message ----- From: "Tim May" <tcmay@got.net> To: <cypherpunks@lne.com> Sent: Tuesday, October 02, 2001 10:23 PM Subject: Re: cryptome down ?
On Tuesday, October 2, 2001, at 06:28 PM, Neil Johnson wrote:
Hmm, I get a "Cannot Find server or DNS error"
I tried from work, and I tried it from home.
Unless John had to ban both due to robot issues.
Oh well.
You sure you're entering cryptome.org, and not cryptome.com?
I jut tried it yet again, 8:20 pm PDT, and it works fine.
--Tim May
I've just tried it from a server in MN, and another one in AL, and, previously, from here in WI. Nada -- it doesn't exiest anymore. "can't find cryptome.org: Non-existent host/domain" -- Harmon Seaver, MLIS CyberShamanix Work 920-203-9633 Home 920-233-5820 hseaver@cybershamanix.com http://www.cybershamanix.com/resume.html
On Tuesday, October 2, 2001, at 08:40 PM, Harmon Seaver wrote:
I've just tried it from a server in MN, and another one in AL, and, previously, from here in WI. Nada -- it doesn't exiest anymore. "can't find cryptome.org: Non-existent host/domain"
"Pursuant to the Defense of the Homeland Act of 2001, isolation of regions deemed hostile to the Reich, er, the Heimat, er, the Homeland, shall commence after the 9-11-01 Event of next week, er, last week. You do not need to adjust your Internet connection--we are in control. We will control all that you see and hear." --Tim May
participants (11)
-
Bill Stewart -
Declan McCullagh -
Gabriel Rocha -
Harmon Seaver -
jmalcolm@uraeus.com -
Joe Malcolm
-
John Young -
Karsten M. Self -
Ken Brown -
Neil Johnson -
Tim May