Critical Engine
Gold Member
I've seen some fake update required messages when switching between pages, I got logged out, and when I go to the main page it redirects me to some other page with a ww9.forums.jetcareers.com address.
Problem JetCareers is being hacked
- Thread starter Critical Engine
- Start date
Nah, it's not hacked.
Technically I screwed up the nameserver designation so the wrong IP has been propagating around. However the correction, even with some tweaks, is taking it's time to propagate around to the world's DNS.
Completely mea culpa. No copilot to blame this on.
The IP is 104.238.84.94 for the server whereas instead of using "jettester.com." as the DNS, I typed "jettester.net." which unleashed worldwide molten hell and was responsible for sending requests to 77.-something else.
Whenever you have a semi-popular domain, there are people that buy all sorts of iterations of similar domain names to capture some traffic to sell services, products and whatever. You might have to flush your DNS cache on your browser. Plus, most people that control DNS policy don't even understand DNS themselves so there's going to be some slow DNS servers that haven't gotten the change, even though my TTL is sub-500.
Sorry. I know it was a pain in the ass for you guys and believe me, it was a pain in the ass for me too!
Technically I screwed up the nameserver designation so the wrong IP has been propagating around. However the correction, even with some tweaks, is taking it's time to propagate around to the world's DNS.
Completely mea culpa. No copilot to blame this on.
The IP is 104.238.84.94 for the server whereas instead of using "jettester.com." as the DNS, I typed "jettester.net." which unleashed worldwide molten hell and was responsible for sending requests to 77.-something else.
Whenever you have a semi-popular domain, there are people that buy all sorts of iterations of similar domain names to capture some traffic to sell services, products and whatever. You might have to flush your DNS cache on your browser. Plus, most people that control DNS policy don't even understand DNS themselves so there's going to be some slow DNS servers that haven't gotten the change, even though my TTL is sub-500.
Sorry. I know it was a pain in the ass for you guys and believe me, it was a pain in the ass for me too!
SlumTodd_Millionaire
Most Hated Member
Nah, it's not hacked.
Technically I screwed up the nameserver designation so the wrong IP has been propagating around. However the correction, even with some tweaks, is taking it's time to propagate around to the world's DNS.
Completely mea culpa. No copilot to blame this on.
The IP is 104.238.84.94 for the server whereas instead of using "jettester.com." as the DNS, I typed "jettester.net." which unleashed worldwide molten hell and was responsible for sending requests to 77.-something else.
Whenever you have a semi-popular domain, there are people that buy all sorts of iterations of similar domain names to capture some traffic to sell services, products and whatever. You might have to flush your DNS cache on your browser. Plus, most people that control DNS policy don't even understand DNS themselves so there's going to be some slow DNS servers that haven't gotten the change, even though my TTL is sub-500.
Sorry. I know it was a pain in the ass for you guys and believe me, it was a pain in the ass for me too!
I don't know what the hell language that is you're speaking there, but:
Your DNS cache.
Think of your DNS cache like a Rolodex of site addresss you frequent.
It has no idea where to find FarmersOnly without going to the big phobebook to figure out what number to dial. Those things take take so your browser will cache, or jot down some notes so it can quickly access that.
DNS is indifferent if it's the right address as the cosmos is to human existence so it's got to be refreshed regularly because those phone numbers change, like in the case of JC.
Clumsy webmaster provides incorrect information, even temporarily, it takes 24 to 48 hours for those correction to make their way around the world. And even when they do, a lot of computers are using cahced information until those caches expire.
That was information that sadly, about 60% of the people that do this crap for a living don't even know.
uncreative
Well-Known Member
The IT version of "Wait...what's it doing now?"
Just in case you're not aware, there are services like dnsmadeeasy which not only provide redundancy, but also allow you to change IPs almost instantaneously, preventing situations like this.
Just in case you're not aware, there are services like dnsmadeeasy which not only provide redundancy, but also allow you to change IPs almost instantaneously, preventing situations like this.
Hacker15e
Who am I? Where are my pants?
Oh, WTF would you know...like you're some kind of IT expert or something, sheesh. This is a pilot forum.
exneophyte
Well-Known Member
Yay! It's back. I might need a support group after yesterdays outage.
RetiredATLATC
Well-Known Member
Well that makes me feel a lot better. I thought I got a virus and have been troubleshooting it all day.....in between cake baking for my going away party.
ozziecat35
4 out of 5 great lakes prefer Michigan.
Krieger
Well-Known Member
A what grandpa?
PositionAndHold
Well-Known Member
It's definitely an intermittent problem on my iPad (all I have on the road with me). If I clear my history. Search jetcareers on Google. Click the link to the jetcareers Facebook page. Scroll down to this discussion and click on a link some one posted that is jetcareers.com/forums. I can get it to work. Then that trick stopped working so I restarted my iPad and tried again and it works. Once on the site, certain links will kick me back to Internet no mans land (I think I won a free trip to somewhere) and I start over.
🦈💜
All dragon~
Unfortunately, I believe when DNS queries were inadvertently pointed to evilsite.net's nameservers, it poisoned a whole upstream DNS caches with records with a very large TTL.
foxy@foxpaws:~$ dig forums.jetcareers.com. @ns1.jettester.com.
;; ANSWER SECTION:
forums.jetcareers.com. 6964 IN A 104.238.84.94
foxy@foxpaws:~$ dig forums.jetcareers.com. @ns1.jettester.net.
;; ANSWER SECTION:
forums.jetcareers.com. 604800 IN A 77.247.178.109
ww9.jetcareers.com. 604800 IN A 166.78.101.108
*.jetcareers.com. 604800 IN A 77.247.178.109
It's not just browsers, or client-side dns caching... and it may take a week to fully resolve. Nasty stuff.
I miss the days when harboring abusive customers could seriously affect a company's long-term reputation and connectivity, and thus its long-term survival chances.
Fun times!
-Fox
