Home / 2014 / Chinese top-level domain root server failure affected most websites (中國頂級域名根服務器故障 大部分網站受影響)









金山毒霸安全專家表示,經查詢65.49.2.178的信息,發現該IP位於美國北卡羅萊納州卡里鎮Dynamic Internet Technology公司,從目前看該事件極可能是黑客攻擊行為。

前述技術專家解釋說,之所以有部分用戶還可以正常訪問互聯網,是因為其網絡DNS服務器有一定的緩存時間,如果根服務器的故障持續,全國大部分網站都將受到影響。 (張楠)



舉一個例子,zh.wikipedia.org作為一個域名就和IP地址208.80.154.225相對應。 DNS就像是一個自動的電話號碼簿,我們可以直接撥打wikipedia的名字來代替電話號碼(IP地址)。 DNS在我們直接調用網站的名字以後就會將像zh.wikipedia.org一樣便於人類使用的名字轉化成像208.80.154.225一樣便於機器識別的IP地址。

source: http://tech.sina.com.cn/i/2014-01-21/16169115784.shtml


Same news in Network World


IDG News Service – Tuesday’s Internet outage in China is dividing experts over what caused the networking error, with authorities calling it a hacking attack, and others blaming it on the country’s censorship systems.

The outage briefly crippled the Internet in China, with many local websites inaccessible to users. User traffic was mysteriously redirected to a U.S.-based IP address belonging to a company that has hosted software capable of circumventing China’s online censorship.

The networking error, which only lasted a few hours, affected at least two-thirds of China’s websites, according to Qihoo 360, a software security vendor in the country.

On Wednesday, local authorities said a preliminary investigation found that a hacking attack caused the outage. China’s National Computer Network Emergency Response Technical Team is continuing to investigate the matter.

On the same day, China’s state-controlled Xinhua News Agency published a story quoting security experts whodemanded authorities do more to protect the nation’s Internet infrastructure.

Others experts, however, believe the error may have been caused by a glitch in China’s notorious censorship systems, also known as “The Great Firewall.”

China routinely blocks sites with content critical of the nation’s government, including Facebook, Twitter, and The New York Times. Tuesday’s Internet outage, however, rerouted traffic to an IP address belonging to Dynamic Internet Technology, a U.S. company whose site is also blocked by authorities.

The company’s CEO Bill Xia said in an email that Dynamic Internet Technology had no hand in Tuesday’s outage. Instead, he claimed China’s own censorship systems were at play.
The company’s clients include The Epoch Times, a publication banned in China. It also hosts Freegate software that can help Chinese Internet users view sites blocked in the country.

In the past, China’s censors have blocked the company’s sites with domain name system (DNS) hijacking. This is done by targeting domains like Epochtimes.com, and funneling their users to the wrong IP address, Xia said.

“This time, the DNS hijacking system targeted all domains instead for a few hours, thus the break down,” he added.

Others experts in China suspect the same.

Speculation is growing that hackers hijacked a root DNS (Domain Name System) server in China to reroute all user traffic, said GreatFire.org, a group that monitors China’s Internet and opposes the nation’s censorship.

But in a Wednesday posting, GreatFire.org dismissed such claims, noting that a public DNS server operated by Google had also been affected by the networking error. During the outage, users trying to access the Google DNS server from China were also rerouted to the IP address from Dynamic Internet Technology.

“Some are suggesting Dynamic Internet Technology is behind the outage. However, hacking into a root DNS resolver is not enough to cause this outage,” the group said. “They have to hack into GFW (The Great Firewall).”

Instead, authorities may have tried to block DIT’s IP address, but accidentally ended up rerouting all the nation’s traffic to the address, the group added.

source: http://www.networkworld.com/news/2014/012214-china-blames-internet-outage-on-277966.html