Skip to main content

IP-hijacking and then some

Almost a month of downtime. The servers were fine, but our IP addresses were not. Somehow, a system bug from one of the hosting companies caused our plan to include 14 other IP addresses, and we only maintained 6 as far as I am concerned.

So the hosting company eventually understood what was happening and started asking the right questions. The bug is that the system allowed network administrators to assign to new clients, the IP addresses that have already been assigned to a current client.

We spent crazy hours figuring out what happened. Since the domains were not loading our sites, and instead were redirecting to some domains we don’t own (real bad sites btw), we checked if .htaccess was modified and tested if it was working at all. I also did double checks on virtual host configurations and they all looked clean.

I started thinking that it was a routing issue. We were not using the publicly routable IPs for the virtual hosts; instead, we used internal IPs as mapped to the firewall hardware. A lookup on the domain/s that we were being redirected to reported different IP addresses, which didn’t readily confirm my suspicions, but stressed the possibility of IP-hijacking.

It’s not supposed to be taken in the context of BGP (border gateway protocol), as this is beyond me. Instead, think of your assumption over IP addresses that we’re using, to serve your websites. Sounds clear? I hope it does. I got pretty lost myself and it isn’t after deep digging at the hosting company’s end that their errors became apparent.

So in the light of this realization, I’ve already moved the domains to some other hosting. Way too much work and way uncool.

Labels:

Comments

Post a Comment

Popular posts from this blog

March was a good month. Not just because it's my birthday month, but I've been able to do more physical exercises as far as I'm allowed, and I've also been able to get through my first month back in the job. For the first couple of weeks, I thought I was going to do 4 hours a day at most, and turn up the heat bit by bit until I'm able to do 100% again. But I suppose having to rest over a month does have its toll. It took significant effort to try not go all in with guns blazing on the first day back at work. LOL Anyway, I'm trying something new this year. We've migrated our applications to a better platform, and we'd like to push that to the cloud this year. It'll obviously need a lot of liaising and cooperative work with other teams and domains so I'm going to do more engagement and solutioning than the usual engineering this time. Last week, we did a platform-related hackathon and a critical refresh across clusters. There's going to be a lo
Post a Comment
Read more

On Planning and Reports

In my previous employment, I didn't have any problems with submitting reports, practically because we used a time management/monitoring tool and the reports sort of generated by themselves. So when submitting daily reports isn't the norm here at the unit, quarterly reports become quite tricky. I've resorted to referring to Google Calendar as most of the stuff we do are usually scheduled. I've also thought of logging everything on a text file and have pelican publish this to my website. Meantime, my reading list for the day as I decide on a workflow that will allow multiple teams to work on the university website: http://www.sitepoint.com/one-click-app-deployment-server-side-git-hooks/ http://stackoverflow.com/questions/425692/what-is-your-preferred-php-deployment-strategy https://www.digitalocean.com/community/tutorials/how-to-automate-php-app-deployment-process-using-capistrano-on-ubuntu-13
Post a Comment
Read more

Thank you!

I am home, and enjoying my second lease in life, one slow day at a time. I have never been hospitalized for something as life-threatening as DHF with complications before, so it's a bit frustrating that even when I'm already out of the hospital, I could not move around as much as I want. I could not even attempt to lift and carry my son when he feels like asking me to hoist him up. I can only manage a few hours of work now and what's more disheartening is knowing that I can no longer recoup a week's worth of missed work. Well, that's how it is with us road warriors/freelancers. But I am alive. I survived my first bout against DHF + pneumonia, and I have God, family, and all the people He used to get to me, to thank for. So I'm taking this moment to write and thank EVERYONE who reached out, spread the word, contacted other people, prayed, donated blood, consoled my wife, watched over me when everyone else was exhausted, and so much more. You are all AWESOME and I
9 comments
Read more