Author Topic: UPS hacked cant querry API server  (Read 4136 times)

Ericc

  • Beginner
  • *
  • Posts: 5
UPS hacked cant querry API server
« on: September 05, 2011, 01:03:37 am »
 Hi all,

  UPS or the DNS servers where hacked today and I lost the ability to query the API server.  I get a Error: Couldn't resolve host 'wwwcie.ups.com'  message..  I originally thought I could just replace the wwwcie.ups.com with 96.17.193.242 message but then I get an error message about the SSL cert not matching the domain name or such.  Any suggestions on how to deal with this?

Thanks
Eric

KyleDeming

  • Beginner
  • *
  • Posts: 6
Re: UPS hacked cant querry API server
« Reply #1 on: September 06, 2011, 10:00:59 am »
I'm having the same problem, any help would be greatly appreciated! I am going to call UPS in the morning to see if they have any ideas for a resolution.

lowmips

  • Global Moderator
  • Hero Member
  • *
  • Posts: 1464
    • lowmips.com
Re: UPS hacked cant querry API server
« Reply #2 on: September 06, 2011, 17:33:00 pm »
It's not an issue on UPS's end.  It's an issue with their registrar.  Assuming that the security flaw/hole/whatever has been fixed, you'll want to contact your web server host and make sure that their DNS cache has been cleared of the bad data and updated with the correct records.  The "crackers" set the TTL to a high value, so any cached records will remain for a long time...
Visit my website at www.lowmips.com
View my newsletters Here (sign up for newsletters on the front page of my website)

rszemeti

  • Beginner
  • *
  • Posts: 16
Re: UPS hacked cant querry API server
« Reply #3 on: December 07, 2011, 15:42:32 pm »
If you ever have this or a similar issue with some other service ever again, there is a simple 2 minute fix:

open your /etc/hosts file in an editor

add a line like this:

96.17.193.242   wwww.whatever.it.is.com

tada! .. this is a static entry that will override their DNS settings, so remember to remove it when the DNS issue is fixed ... the same file exists in Windows, in windows/system32/drivers/etc   or some such place.  Its always handy to be able to do this to solve temproary DNS failures of important services