
MBTA's Web site lapses in and out of consciousness due to possible attack on server that links it to the Internet

What PunMonkey got at mbta.com last night.

What could be a hacker attack on an Internet DNS server - or a server misconfiguration - is causing problems for people trying to connect to mbta.com. Starting last night, some users have reported being unable to connect to the site or being connected to a "domain for sale" page, although other users report no problems.

MBTA spokesman Joe Pesaturo confirmed this morning that the outage is related to problems at a DNS server used by the MBTA. DNS servers act like directories for Internet-connected computers, translating human-readable names, such as mbta.com, into the numerical addresses associated with specific Web servers.

TechCrunch reports LinkedIn and some Fidelity servers have also been affected by the issue.

Confluence Networks, an Indian service provider to whose servers some Web sites were redirected, says:

Note that it has already been verified that this issue was caused due to a human error and there was NO security related issue caused by the same.


Comments

Finally the T is bringing its failures to the digital age. Limiting breakdowns to physical infrastructure is just so old-fashioned. This way you don't even have to live in Boston to enjoy them.

up
Voting closed 0

Yes, how stupid of the T to use the same DNS service as LinkedIn, one of the largest web sites on the planet. They should have known better.

up
Voting closed 0

Perhaps this is what was responsible for 3 dead trains on the Green Line this morning?

up
Voting closed 0

Of course! Uploading a virus to the mothership's mainframe has knocked out all the drone vessels and rendered them useless! Haven't you seen Independence Day?

up
Voting closed 0

Just wait until the Green Line reaches the internet age circa 1996. Complete with pop up ads and pron.

up
Voting closed 0

Hundreds of domains including usps.com, mbta.com, fidelity.com, and linkedin.com were affected. My employer, who I won't mention here, is still very busy dealing with the fallout.

The publicly-available details are: last night Network Solutions, the domain registrar for all these domains, suddenly started resolving them all to an IP address belonging to Confluence Networks, which runs sites that gather ad revenue from expired/parked domains. Network Solutions has issued a vague statement claiming it was an error. Confluence denies all responsibility.

The assertion by Confluence that "there was NO security related issue caused by the same" defies logic. When you have many secure websites being redirected to a non-secure third-party site, that is a security issue. I think Network Solutions' statement that "no confidential data was compromised" is also an overreach.

up
Voting closed 0

If users accessed https://[their desired domain]/, there would have been no issue, since the domain names on the certificates would not have matched — ideally, only the rightful owner of a given domain can get a certificate registered to it. Unless somehow Confluence managed to procure fraudulent certificates for the domains in question while the domain lookup error was occurring, users would have been safe.

up
Voting closed 0

Ideally, all users would know how to use SSL properly.

In practice, many (most?) users are not going to be sophisticated enough to notice a man-in-the-middle attack. Many people just type, for example, www.americanexpress.com and rely on the website to redirect them to https://www.americanexpress.com. Even if they do specify https, a man-in-the-middle can redirect them to http. Then they have to be alert enough to realize that the "lock" icon isn't being displayed in their browser.

up
Voting closed 0

Many people just type, for example, www.americanexpress.com and rely on the website to redirect them to https://www.americanexpress.com.

Good point. There is a way for sites to protect users from this attack, but not enough sites use it.

Even if they do specify https, a man-in-the-middle can redirect them to http.

This one is impossible, though.

up
Voting closed 0