Microsoft's anti-malware crusade knackers '4 MILLION' No-IP users
Microsoft has won a court order to gain control of 23 No-IP domains owned by dynamic DNS (DDNS) provider Vitalwerks Internet Solutions. The US software giant claimed the domains were being used by malware developed in the Middle East and Africa.
http://www.theregister.co.uk/2014/07/01/microsoft_takes_over_noip_domains_to_block_malware_marketing/
Well there goes my sites...
http://www.theregister.co.uk/2014/07/01/microsoft_takes_over_noip_domains_to_block_malware_marketing/
Well there goes my sites...
Post edited by ardentcrest on
Comments
grrr.
If so, assuming I've read it right, this is a terrible breach of peoples' rights, and yet another step closer to the 'closed Internet' that some people have been warning us about for years.
no-ip claims that they do respond to complaints and cut off users who breach the terms. They also claim that Microsoft never contacted them and went straight for the legal option.
Microsoft don't appear to have made any statement at all so no-one knows what's happening.
This at least suggest that they intend to keep up their end of the deal and resolve the addresses not on their list, but that they have misconfigured something. :-x
/Pedro
no-ip have been claiming that for some time though and don't appear to have done anything about it. Microsoft taking control of the domains is far from ideal, but those companies providing the underlying infrastructure for the internet should be held accountable when they fail to react to abuse like this.
Well according to them (yeah, I know) Microsoft (or anyone else) didn't send them list of domains and evidence of illegal activity, just lots of reports and hand wringing about the issue.
If they weren't responding to actual specific complaints then that's a problem, but it's not a DNS provider's job to monitor the contents of every server running on every host for which they provide DNS resolution.
In fact there may be no obvious way to tell that a host is a C&C node for a botnet unless you are monitoring the network activity coming and going from infected computers as microsoft, cisco etc do.
This traffic is not travelling over networks controlled by Vitalwerks so how are they supposed to detect it?
Why would anyone use free domain services for professional use?
Register a damn domain and do it the "right way" you cheap bastards.
My games for the Spectrum: Dingo, The Speccies, The Speccies 2, Vallation, SQIJ.
Twitter: Sokurah
Thank you for your enlightened and helpful input, please file it up your own arse.
ALL users, free and paid (me, and my customer, are part of the last group), were affected. Noip.com is the biggest, most supported dynamic dns provider. It is supported by, I would say, mostly all, if not all, routers and vpn concentrators that provide a dynamic dns service. And I don't follow you. How just registering a domain will help with dynamic dns? Are you really sure you know what you are talking about?
/Pedro
I was thinking about how now I have a lot of stuff running on my server, and my current ISP provides a static IP (when I started using no-ip dynamic DNS I had a dynamic IP obviously...) I ought to get on and register a domain name and start migrating everything.
As with many other things I have put this off and forgotten about it as other things have been more pressing. It's so frustrating.
If you have a static IP then I can recommend Joker.com. I bought my domain through a reseller and when they hiked their prices I found I could just go straight to the source so I stuck with Joker. I'm not sure, but they may also offer DDNS services.
Or do they use juries?
The average layman would probably just decide in favor of microsoft cos they are considered the 'good guys'
Block No IP in the US if it came from a US court.
If you want to block No IP in Ireland.... GO TO AN IRISH COURT..........
You were using a US controlled domain though. It's annoying, but that's how it is. If you don't want a court outside your country to hijack your DNS then you should be using a .ie address...
I note that Microsoft claim to have fixed the technical issue - however their nameserver are still returning no answers to requests made by another DNS server. (i.e. it only works if you directly query their nameserver)
Or they weren't scanning for hosts with windows or windowsupdate in the string heh. I suppose a filter is only as good as the rules you give it.
www.noip.com
Presumably by a bunch of idiots who think it's their fault nothing will resolve. The comments on their blog were full of them, demanding no-ip magically turn their domain back on :roll:
I prefer to call them criminals. DDoS attacks usually require a botnet.
Well any deliberate DDoS is criminal. The point is that some criminals are rather smart and make lots of money off "cybercrime".
If it's a retaliatory attack against the wrong party then it must be perpetrated by idiots.
Ok, I'll compromise. How about the criminally stupid?
Everything should start returning as soon as yor DNS server cache expires (or you flush it manually if it's one you control)
http://www.pcworld.com/article/2450620/noip-regains-control-of-some-domains-wrested-by-microsoft.html
There seems to be no deals with the affected sites yet, so expect this story to continue...
Games List 2016 - Games List 2015 - Games List 2014