News:

Looking for documentation? Take a look on our wiki

Main Menu

UPS hacked cant querry API server

Started by Ericc, September 05, 2011, 01:03:37 AM

Previous topic - Next topic

Ericc

 Hi all,

  UPS or the DNS servers where hacked today and I lost the ability to query the API server.  I get a Error: Couldn't resolve host 'wwwcie.ups.com'  message..  I originally thought I could just replace the wwwcie.ups.com with 96.17.193.242 message but then I get an error message about the SSL cert not matching the domain name or such.  Any suggestions on how to deal with this?

Thanks
Eric

KyleDeming

I'm having the same problem, any help would be greatly appreciated! I am going to call UPS in the morning to see if they have any ideas for a resolution.

lowmips

It's not an issue on UPS's end.  It's an issue with their registrar.  Assuming that the security flaw/hole/whatever has been fixed, you'll want to contact your web server host and make sure that their DNS cache has been cleared of the bad data and updated with the correct records.  The "crackers" set the TTL to a high value, so any cached records will remain for a long time...
Visit my website at www.lowmips.com
View my newsletters Here (sign up for newsletters on the front page of my website)

rszemeti

If you ever have this or a similar issue with some other service ever again, there is a simple 2 minute fix:

open your /etc/hosts file in an editor

add a line like this:

96.17.193.242   wwww.whatever.it.is.com

tada! .. this is a static entry that will override their DNS settings, so remember to remove it when the DNS issue is fixed ... the same file exists in Windows, in windows/system32/drivers/etc   or some such place.  Its always handy to be able to do this to solve temproary DNS failures of important services