Thursday, January 28, 2021

Floodgap.com down due to domain squatter attack on Network Solutions

Floodgap sites are down because someone did a mass attack on NetSol (this also attacked Perl.com and others). I'm working to resolve this. More shortly.

Update: Looks like it was a social engineering attack. I spoke with a very helpful person in their security department (Beth) and she walked me through it. On the 26th someone initiated a webchat with their account representatives and presented official-looking but fraudulent identity documents (a photo ID, a business license and a utility bill), then got control of the account and logged in and changed everything. NetSol is in the process of reversing the damage and restoring the DNS entries. They will be following up with me for a post-mortem. I do want to say I appreciate how quickly and seriously they are taking this whole issue.

If you are on Network Solutions, check your domains this morning, please. I'm just a "little" site, and I bet a lot of them were attacked in a similar fashion.

Update the second: Domains should be back up, but it may take a while for them to propagate. The servers themselves were unaffected, and I don't store any user data anyway.

15 comments:

  1. Perl.com is temporarily set up at:
    http://perldotcom.perl.org

    ReplyDelete
    Replies
    1. Perl.com really took it on the chin though. The attackers were successfully able to transfer the domain to a new registrar, whereas they "only" wrecked our DNS entries but I could recover it.

      Delete
  2. My agency website doesn't display correctly on latest TFF and G5 1.8 DP. Just the header and sometimes the footer. Can you check this for me (www.designwerks.net) ? My Macbook displays the website fine on all major browsers. My G5 also displays my blog website OK on TFF (www.kevinbryce.com) Both are Wordpress sites. Many thanks!

    ReplyDelete
    Replies
    1. [ChrisT] I see what you describe in TenFourFox and Leopard Webkit on my 10.5 G4 PowerBook. But also in Waterfox and Firefox 78ESR on my 10.11 MacBook Pro. I suspect a problem on the server's side.

      Delete
    2. The home page is a 3 panel slider. Oddly, all the other website pages which don;t have a slider work just fine. I also use Nitropack for website optimization. I suspect TFF browser does not like the optimization techniques employed by Nitropack. Considering that the vast bulk of visitors are not using PPC machines it seems unlikely I would chase down a solution to this display issue. All the modern browsers on newer CPUs display the website content fine and true to the intended design. I thought the issue was just a setting was not enabled for sliders on TFF. I welcome any suggestions at this point.

      Delete
    3. [ChrisT] I'm sorry to say: If the website doesn't work properly in Firefox 78ESR, that website is rubbish.

      Delete
    4. As I mentioned it works perfectly on FireFox browser on Macbook Pro - no problems (current version is 85.0.1). Where it does not work is on my G5 running 10.5.8 OS and TFF 30. I tested it on earlier releases of TFF on G5 and the issue remains.

      Delete
    5. [ChrisT] The underlying problem is that nitrocdn.com is down. At least where I live. Or blocked somehow on the DNS level. Designwerks.net loads lots of .js files from this domain. If they don't load, the site doesn't display properly. This has nothing to do with TenFourFox.

      Delete
    6. [ChrisT] OK, I managed to find a DNS server that doesn't block nitrocdn.com (1.1.1.x does, as well as the one provided by my ISP). Now that the javascript provided by nitrocdn.com loads I can see the next problem, which is probably the one you meant. TenFourFox is missing some functionality for the asynchronous functions contained in the javascript from nitrocdn.com, that's why this website isn't displayed completely. You will have to resort to Leopard Webkit on Mac OS X 10.5.

      Delete
    7. Thanks Chris for your quick rely and troubleshooting work. I believe you are correct on all counts. I am not privy to the types of optimization techniques used by Nitropack. This is always being tested and improved. But one thought is I could request that the test for the problem(s) we discussed. Chances are good they will not have a PPC or copies of TFF on hand for this purpose. But you confirm what I suspected that TFF is missing the functions to execute the JS code on my website. This is not the end of the world since the PPC platform as you know is no longer supported by Apple. So in the total visitor market there is likely a small handful who might want to go to my website. TFF has other uses but it looks like the 'end of the trail' as far as a testing environment for my website. Thanks again for your help. Cheers!

      Delete
    8. [ChrisT] You're welcome. I would, indeed, be more worried that Cloudflare DNS blocks nitrocdn.com. Because that's used widely and will impact lots of visitors to your website. That's the first thing I would tell the Nitropack folks. If they, in addition, got rid of async functions in their code that would be great for TenFourFox users, but I doubt they'll do it because these functions are what makes their optimizations work ;-)

      Delete
    9. Hi CHris, FYI Nitropack has a "CDN integration" setting on their dashboard that allows it to seamlessly work with CloudFlare and optimize all settings. SO they must have worked all this out ahead of my engaging their optimization services. Just my two cents.

      Delete
  3. Might this be of interest for TenFourFox?
    https://github.com/zakius/Polly

    ReplyDelete
    Replies
    1. Possibly, but the biggest gap is the front end differences and the problem with async/await, which this doesn't (and probably, in fairness, can't) address.

      Delete

Due to an increased frequency of spam, comments are now subject to moderation.