Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
The Internet Businesses Google IT

Google DNS Glitch Caused Outage 283

Posted by CmdrTaco from the not-much-else-happens-on-sunday-morning dept.
An anonymous reader writes "Google suffered a pretty long outage saturday evening, due to some DNS glitches, according to company spokesperson. All Google services were down for a while, including Gmail and Google AdSense. There seems to be a DNS hijack, as some screen grabs show that Google.com was redirecting to another site, SoGoSearch.com. "
This discussion has been archived. No new comments can be posted.

Google DNS Glitch Caused Outage More

Google DNS Glitch Caused Outage

Comments Filter:
  • Everyone keeps freaking out because when they run a whois query they get this:

    GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.C OM
    GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGI NE .THAN.SECZY.COM
    GOOGLE.COM

    This is NOT at ALL indicative of a hack.

    All this means is that gulli.com chose to register a DNS server with their registrar called 'GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.CO M' instead of ns1.gulli.com -- to do EXACTLY what they just did -- got your attention.

    Simmer down everyone. If you whois ANY major site you'll see similar things. (Just try Microsoft.com)

    • Re:Whois Entries Not Indicative of a Hack (Score:5, Informative)

      by A beautiful mind ( 821714 ) on Sunday May 08, 2005 @08:48AM (#12467564)
      Also the Screenshots are just about BROWSER GUESSES. The screenshots show http://www.google.com.net [com.net]!

      You know, it's what happens when the browser can't find the given domain name (dns servers are down), that it tries www.google.com.com, then www.google.com.net and it happened to be already taken by the site in the screenshots.

    • Re:Whois Entries Not Indicative of a Hack (Score:5, Interesting)

      by Megane ( 129182 ) on Sunday May 08, 2005 @08:49AM (#12467570)
      Wow, I thought that trick stopped working like four years or so ago. I even had one of those kind of entries, but took it out when the search stopped showing them.

      Looks like these clowns aren't just limiting themselves to Google...

      AOL.COM.IS.N0T.AS.1337.AS.GULLI.COM
      AOL.COM.IS.0WNED.BY.SUB7.NET
      AOL.COM.CANDICE-CHAMBERLAIN.COM
      AOL.COM.AINT.GOT.AS.MUCH.FREE.PORN.AS.SECZ.COM
      AOL.COM

      • Wow, I thought that trick stopped working like four years or so ago. I even had one of those kind of entries, but took it out when the search stopped showing them

        Four years ago, I remember this worked in Debian's whois, but not in Red Hat's or SuSE's. The output from whois depends on how the searching is done. Given the large number of people "discovering" this today, it looks like Debian's whois variant is more widespread now.

    • Google didn't cash 400,000 US$ during that time (Score:5, Interesting)

      by astrab ( 819883 ) on Sunday May 08, 2005 @09:13AM (#12467654) Journal
      According to gigaom.com, Google acknowledges having suffered a 'DNS blackout' for two hours (aprox) this past Saturday, and users couldn't access the search engine.

      During Q1 2005, Google cashed $657 million by showing sponsored links on search results. This means 300,000 US$ per hour. Taking into account that this issue happened on Saturday (less users), we can estimate the 'non-revenue' figure in 400,000 US$ aprox, without considering other non-working services like Google AdSense, which probably suffered problems during this time.

      http://google-blog.dirson.com/post.new/0260/ [dirson.com]

    • I just tried Microsoft. Hilarious.

      frost@louddrunk ~
      $ whois microsoft.com|grep MICROSOFT
      Server Name: MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM
      Server Name: MICROSOFT.COM.WANADOODOO.COM
      Server Name: MICROSOFT.COM.SUX.BUT.PYROFREAK.ORG.RULEZ.AND.DIOX YTECH.NET.DELETED.GANDI.NET
      Server Name: MICROSOFT.COM.SMELLS.SIMPLECODES.COM
      Server Name: MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.CO M
      Server Name: MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA
      Server Name: MICROSOFT.COM.OHMYGODITBURNS.COM
      Server

  • Laugh! (Score:3, Funny)

    by stabChmo ( 861088 ) on Sunday May 08, 2005 @08:35AM (#12467490)
    So go search Google!

  • Google Web Accelerator (Score:4, Funny)

    by Message Board ( 695681 ) on Sunday May 08, 2005 @08:36AM (#12467497) Journal
    Last night, Google Web Accelerator was accelerating just fine... except for the fact that when I tried to make it proxy google.com it told me that the web site wasn't available, and to try search Google for the site. Needless to say, that didn't work either.

  • Slashdot and Google (Score:3, Insightful)

    by brokencomputer ( 695672 ) on Sunday May 08, 2005 @08:36AM (#12467498) Homepage Journal
    Yeah and Slashdot was down with a 503 error yesterday for quite a while. But seriously, Google shouldn't allow this to happen.

  • SoGoSearch (Score:2, Interesting)

    by Dachannien ( 617929 )
    I think it's far more likely that there are quite a few people out there with some sort of malware redirecting their failed DNS lookups to this site, as opposed to Google's DNS entry being hacked.

  • Pre-FP (Score:4, Informative)

    by LogicX ( 8327 ) * <slashdot@lo[ ]x.us ['gic' in gap]> on Sunday May 08, 2005 @08:37AM (#12467507) Homepage Journal
    Ironically people have been freaking out about this, even before slashdot posted the story; leaving comments in other [slashdot.org] articles [slashdot.org]
    • The North American Network Operators Group mailing list, which is mainly for discussions between ISP people, had a good bit of discussion about this. Unfortunately, I get my NANOG subscriptions at my Gmail account, so I couldn't read about it there until it was over :-)
    • ...it happens to a lot of people.

  • SoGoSearch didn't hijack (Score:5, Informative)

    by Anonymous Coward on Sunday May 08, 2005 @08:38AM (#12467510)
    SoGoSearch didn't hijack Google's DNS. They registered a domain name google.com.net. Because the browser couldn't find google.com it tried as google.com.net. It has nothing to do with them hijacking any DNS.

    I do think it is unethical to register a domain such as google.com.net if you are not Google, but that is a different thing.

    • Re:SoGoSearch didn't hijack (Score:5, Informative)

      by ryanjensen ( 741218 ) on Sunday May 08, 2005 @08:51AM (#12467577) Homepage Journal
      Thing is, they didn't register "google.com.net" - they registered "com.net". The "google" part is called a wildcard, and any "*.com.net" would go to SoGoSearch. (See this report [bizreport.com] about yahoo.sex.com).

      The real problem lies in web browsers that append ".net" to a domain name when the .com version cannot be accessed.

    • Re:SoGoSearch didn't hijack (Score:5, Insightful)

      by Gollum ( 35049 ) on Sunday May 08, 2005 @09:03AM (#12467623)
      In fact, I think they registered com.net, and simply created a wildcard DNS result for anything under that, which points to their search page.

      As the parent says, it is common behaviour for browsers to try appending common TLD's to the end of an URL that is not found verbatim. When Google went away, the browser appended .net to google.com, and ended up at *.com.net.

      A bug that people seem to be ignoring is that whatever browser is shown in the screenshot did not show the correct URL after the .net was appended, but left the original URL in the location bar.
      • A bug that people seem to be ignoring is that whatever browser is shown in the screenshot did not show the correct URL after the .net was appended, but left the original URL in the location bar.
        Looks like Safari. And you're right, that's the real problem here, the redirect should be shown at the very least by changing the URL in the location bar.
      • Uh, no, this is not a browser bug.

        Yes, IE does do some bizare stuff on its own, but this is a RESOLVER issue.

        Let's say you have a domain called "example.com". Let's say you have a host called "foo.example.com". What happens, with the common configuration, when you telnet to "foo.example.com" from a machine called "bar.example.com"? Well, if your resolve.conf contains search example.com, it will try to look up foo.example.com, then foo.example.com.example.com, then foo.example.com.com. The relevant

        • Re:SoGoSearch didn't hijack (Score:5, Informative)

          by autocracy ( 192714 ) <slashdot2007.storyinmemo@com> on Sunday May 08, 2005 @10:44AM (#12468304) Homepage
          It's definitely a browser problem. The resolver doesn't do that... the browser makes the other requests after being told NXDOMAIN by the resolver. So, while the issue comes from getting the wrong DNS response, it's because the browser asked the wrong questions thereafter. This also doesn't have to do with search directives. I'm sure there's something you're saying that I'm calling differently than you mean, but it's still an issue of the browser in this case.
          • No. You're confusing the "resolver library" code used by the program, and "resolving name servers" network services. He's describing the built in search feature that many resolver libraries use, you're describing the part of the network protocol that library uses to communicate with the network service.

            It's worth asking if Mozilla and Firefox use the "default" resolver of the host operating system, or if the developers took the "path of greatest suprise" by including one of their own.
        • I've searched nearly every slashdot post, and you are the only person who said "resolver." And, you're only modded a "2", while the guy who responded incorrectly got a "4".

          Slashdot is like Saturday Night Live, I guess. It sucks, it always sucks, and it will always suck forever. But everyone remembers a time when it didn't suck as hard as it does right now.
    • They're trying to associate google.com.net with them in an effort to confuse customers. Thus they are guilty of a trademark violation and Google can sue them.

  • Not a hijack (Score:5, Informative)

    by Kip ( 659 ) <kip@aadl . o rg> on Sunday May 08, 2005 @08:39AM (#12467517)
    They were just taking advantage of browser behavior.

    www.google.com.net leads to sogosearch.com

    When a browser fails to resolve an address, they will try adding .net and .com to the end of the address on the assumption maybe the user forgot to add it.

  • Has it gotten to this point yet? (Score:5, Insightful)

    by fwice ( 841569 ) on Sunday May 08, 2005 @08:42AM (#12467534)
    Are people really this dependant on google that when there is an outage, people really flip out?

    I mean, there are other search engines.
    Other email services.
    Other mapping things.

    Seriously, what were people doing a couple years ago? If your life is that in tuned to google, maybe its time to 'log off' (and pardon the cliche).

    • Other email services.

      I agree with your sentiment but WTF?! "Other email services" doesn't make much difference if your primary email is delivered to gmail.

    • Re:Has it gotten to this point yet? (Score:2, Funny)

      by Anonymous Coward
      Yeah I'm bad for that. During the outage I tried to Google for another search engine but...
    • Google offers search results via SMS (text message 46645 with your query). It also has Google local, which means you can search for telephone numbers. I don't know of another search service with this functionality, and I attempted an out of state lookup during the outage without knowing about it. I actually did get results much later, but they weren't useful then.

      A couple of years ago, I wouldn't have looked up the number at all, but I also wouldn't have been used to being able to look it up at any time

    • Well, I can't say I panicked, but I did feel weird, if not lost, for some minutes.

      I chose to rely on Google for several reasons, and it's now part of my usage of the Web. I know total reliance can be bad, and I haven't forgotten about the existence of other search engines. Still, Google is my favorite one, and I don't feel the need to perform seaches on multiple engines (yet.) A tendency to use one tool amongst others, is quite natural, as long as you don't completely forget the alternatives.

      The moment Go

  • Just a DNS glitch (Score:4, Informative)

    by Eric(b0mb)Dennis ( 629047 ) on Sunday May 08, 2005 @08:44AM (#12467540)
    Lots of rumor of DNS getting poison and/or google site getting hacked. The reason benig is people thought google.com was going to SoGoSearch.com..

    But apparently it was just their browser's not finding google.com and trying to go to Google.com.net [com.net]

    Stop flipping out!

  • Just noticed (Score:2, Interesting)

    by vivekg ( 795441 )
    Thought gmail was slow and Adsens was not working but google.co.in was up and running :)

    However I noticed http://www.google.com/intl/xx-hacker/ [google.com] don't know what the hell it is... or just one of those google own funny stuff :-?

  • So the DNS was down... (Score:5, Funny)

    by Karakth ( 876149 ) on Sunday May 08, 2005 @08:50AM (#12467571)
    Just 216.239.57.99 it.

  • This hit Microsoft as well (Score:4, Funny)

    by Nichotin ( 794369 ) on Sunday May 08, 2005 @09:20AM (#12467708)
    Didn't anyone notice?

  • You just know that someone, somewhere, had just installed some new software on their PC ... then went to search for something on Google and BAM! No Google, no GMail, no Google Maps ... nothing. I bet that software is on its way back to CompUSA right now.

  • With google down.. (Score:5, Funny)

    by kun ( 844934 ) on Sunday May 08, 2005 @09:54AM (#12467942) Homepage
    With google down who's going to raise my children!?
  • I have Comcast, which occasionally has DNS issues (when it goes into "does not work" for a couple hours, that's often their DNSes going down).

    Anyway, I plugged Googles IP into my hosts file, thus allowing me to get nifty things (like alternative DNSes and how to make my machine use them, along with possible fixes to future problems) from the Gcache.

    The fact that they've basically backed up the Internet is, uh, interesting.
  • This search for cache::memcached [google.com] (a Perl module) always fails. I reported it to Google several days ago. Other searches, such as for io::socket [google.com] do not fail similarly.

    Got any other searches which always fail with a server error?
  • I've had my Gmail account open continously throughout this, and Google.ca resolved constantly. Why? I use intelligent caching DNS, and my browsers won't try to magically autocomplete if there is a problem (DNS is handled by Privoxy).

    Yet still yesterday I kept seeing people panic about, "google being hacked". ...

    Obviously these people need to learn a little about computers, and run their own caching DNS servers. Hopefully ones like djbdns, so they aren't vulnerable to cache poisoning attacks.

  • Just think how this affected ISP help desks (Score:3, Insightful)

    by IronChefMorimoto ( 691038 ) on Sunday May 08, 2005 @12:27PM (#12469092)
    Imagine all the people who have Google.com set as their homepage when they start up a web browser. I can't imagine what happened to ISP help desk lines when Joe Bob Family Man hopped onto his computer Saturday night to check a golf score only to find a 404 error or some "page not found" error when he fired up MSIE.

    Think about it -- Google just doesn't go down. Not like some websites. It's so simply designed, and in some people's minds, that means it can't fail.

    Hell -- I stupidly went into my Linksys router interface after FireFox gave me a startup error to see if my ISP had dropped my connection. I didn't think to look at CNN.com or another website (which were working fine, so NOT an outage). Why?

    Google just doesn't go down. Reliance is a real bitch sometimes, no?

    IronChefMorimoto
  • I noticed that google wouldn't resolve. I have 6 upstream DNS servers that feed my own caching DNS server. I checked each one, and found that half of them had the address for google, and half didn't. Simple solution, re-order my DNS servers so the ones with Google's address were searched first, and restart DNS server. Problem solved.

    I assumed it was just a case of cache poisoning for those specific servers, and not that Google was dead to the world.

    This brings up a very interesting subject, though. I
  • Google DNS Glitch Caused Outage

    I knew that [slashdot.org] . Where is the full detailed breakdown?

Slashdot Top Deals

10 to the minus 6th power Movie = 1 Microfilm

Close