What PunMonkey got at mbta.com last night.
What could be a hacker attack on an Internet DNS server - or a server misconfiguration - is causing problems for people trying to connect to mbta.com. Starting last night, some users have reported being unable to connect to the site or being connected to a "domain for sale" page, although other users report no problems.
MBTA spokesman Joe Pesaturo confirmed this morning that the problem is related to trouble at a DNS server used by the MBTA. DNS servers act like directories for Internet-connected computers, translating human-readable names, such as mbta.com, into the numerical addresses associated with specific Web servers.
TechCrunch reports LinkedIn and some Fidelity servers have also been affected by the issue.
Confluence Networks, an Indian service provider to whose servers some Web sites were redirected, says:
Note that it has already been verified that this issue was caused due to a human error and there was NO security related issue caused by the same.
Comments
Bringing failure online
By Judy
Thu, 06/20/2013 - 10:10am
Finally the T is bringing its failures to the digital age. Limiting breakdowns to physical infrastructure is just so old-fashioned. This way you don't even have to live in Boston to enjoy them.
Yes, how stupid of the T to
By peter
Thu, 06/20/2013 - 10:56am
Yes, how stupid of the T to use the same DNS service as LinkedIn, one of the largest web sites on the planet. They should have known better.
Perhaps this is what was
By anon
Thu, 06/20/2013 - 10:15am
Perhaps this is what was responsible for 3 dead trains on the Green Line this morning?
Of course! Uploading a virus
By Finn
Thu, 06/20/2013 - 12:38pm
Of course! Uploading a virus to the mothership's mainframe has knocked out all the drone vessels and rendered them useless! Haven't you seen Independence Day?
Just wait until the Green
By anon
Thu, 06/20/2013 - 10:31am
Just wait until the Green Line reaches the internet age circa 1996. Complete with pop up ads and pron.
This was a massive problem, many domains affected
By dirtywater77
Thu, 06/20/2013 - 1:43pm
Hundreds of domains including usps.com, mbta.com, fidelity.com, and linkedin.com were affected. My employer, who I won't mention here, is still very busy dealing with the fallout.
The publicly-available details are: last night Network Solutions, the domain registrar for all these domains, suddenly started resolving them all to an IP address belonging to Confluence Networks, which runs sites that gather ad revenue from expired/parked domains. Network Solutions has issued a vague statement claiming it was an error. Confluence denies all responsibility.
The assertion by Confluence that "there was NO security related issue caused by the same" defies logic. When you have many secure websites being redirected to a non-secure third-party site, that is a security issue. I think Network Solutions' statement that "no confidential data was compromised" is also an overreach.
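The pattern described in the comment above, many unrelated domains suddenly resolving to one address while some users see no problem, is something a defender can alert on from resolver observations. The following is an added example, not part of the original post or comments; the domain names, resolver labels, addresses and function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed baseline: addresses each watched domain is expected to resolve to.
# All names use example domains and documentation IP ranges (not real data).
EXPECTED = {
    "transit.example": {"192.0.2.10", "192.0.2.11"},
    "bank.example": {"198.51.100.20"},
    "social.example": {"198.51.100.30", "198.51.100.31"},
    "mail.example": {"192.0.2.40"},
}

# Constructed resolver observations: (domain, resolver label, answer).
OBSERVED = [
    ("transit.example", "resolver-a", "203.0.113.77"),
    ("transit.example", "resolver-b", "192.0.2.10"),
    ("bank.example", "resolver-a", "203.0.113.77"),
    ("social.example", "resolver-a", "203.0.113.77"),
    ("social.example", "resolver-b", "198.51.100.31"),
    ("mail.example", "resolver-a", "192.0.2.40"),
    ("unknown.example", "resolver-a", "203.0.113.5"),
]

def find_shared_redirects(expected, observed, min_domains=2):
    """Return {unexpected_ip: sorted domains} for IPs that answer for
    at least min_domains watched domains outside their baseline."""
    by_ip = defaultdict(set)
    for domain, _resolver, answer in observed:
        baseline = expected.get(domain)
        if baseline is None:
            continue  # not a watched domain; no baseline to compare against
        if answer not in baseline:
            by_ip[answer].add(domain)
    return {ip: sorted(doms) for ip, doms in by_ip.items()
            if len(doms) >= min_domains}

def partially_affected(expected, observed):
    """Domains where some resolvers still return a baseline address and
    others do not, matching the 'other users report no problems' symptom."""
    good, bad = set(), set()
    for domain, _resolver, answer in observed:
        if domain in expected:
            (good if answer in expected[domain] else bad).add(domain)
    return sorted(good & bad)

if __name__ == "__main__":
    for ip, domains in find_shared_redirects(EXPECTED, OBSERVED).items():
        print(f"ALERT {ip} answers for unrelated domains: {', '.join(domains)}")
    print("mixed answers:", partially_affected(EXPECTED, OBSERVED))
```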
"secure websites being redirected"
By anon
Thu, 06/20/2013 - 9:37pm
If users accessed https://[their desired domain]/, there would have been no issue, since the domain names on the certificates would not have matched — ideally, only the rightful owner of a given domain can get a certificate registered to it. Unless somehow Confluence managed to procure fraudulent certificates for the domains in question while the domain lookup error was occurring, users would have been safe.
In theory you are correct
By dirtywater77
Fri, 06/21/2013 - 3:08am
Ideally, all users would know how to use SSL properly.
In practice, many (most?) users are not going to be sophisticated enough to notice a man-in-the-middle attack. Many people just type, for example, www.americanexpress.com and rely on the website to redirect them to https://www.americanexpress.com. Even if they do specify https, a man-in-the-middle can redirect them to http. Then they have to be alert enough to realize that the "lock" icon isn't being displayed in their browser.
man-in-the-middle
By anon
Sat, 06/22/2013 - 9:32pm
Good point. There is a way for sites to protect users from this attack, but not enough sites use it.
This one is impossible, though.