Looking at the world of media: from music to RIA.

Was Amazon.com hacked? [update: probably not]

June 5th, 2008 Posted in General Media / Stuff, web integration

Amazon LogoUpdate: After further scrutiny it looks like the DNS whois was read wrong by us and we all jumped to conclusions. The response back was any domain with Amazon.com in the name. If you look at the last one then you can see all is on the up and up. So it probably is just a bad update… we shall see what is mentioned later.

Today’s big news in the tech industry was Amazon.com’s US outage. If you haven’t heard about it Amazon.com US, went down at 10:27am PST on June 6th:

An Amazon spokesperson said this afternoon, “Amazon’s systems are very complex and on rare occasions, despite our best efforts they may experience problems. We work to minimize any disruption and to get the site back as quickly as possible.”
Amazon’s Web Site Goes Down: An ‘Unplanned Event’ on New York Times Bits by Brad Stone

But what is the real cause of this? Some sys admin friends of mine where trying to shop at Amazon when it went down. Being what they are they took a peek under the hood and it looks like the DNS was hacked. When a whois was run on Amazon.com this is what was returned at 11:20am PST:

$ whois amazon.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.

Server Name: AMAZON.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
IP Address: 69.41.185.219
Registrar: INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM
Whois Server: whois.itsyourdomain.com
Referral URL: http://www.itsyourdomain.com

Server Name: AMAZON.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
IP Address: 203.36.226.2
Registrar: TUCOWS INC.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net

Server Name: AMAZON.COM.IS.N0T.AS.1337.AS.WWW.GULLI.COM
IP Address: 80.190.192.24
Registrar: EPAG DOMAINSERVICES GMBH
Whois Server: whois.enterprice.net
Referral URL: http://www.enterprice.net

Domain Name: AMAZON.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: UDNS1.ULTRADNS.NET
Name Server: UDNS2.ULTRADNS.NET
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 28-mar-2008
Creation Date: 01-nov-1994
Expiration Date: 31-oct-2017

Last update of whois database: Fri, 06 Jun 2008 14:15:03 EDT

This just reeks of the same thing that happened to Comcast. If you read the full article at Wired, the hack sounds exactly the same. It will be interesting to see what Amazon has to say once the dust settles…

  1. 1 Trackback(s)

  2. Jun 27, 2008: Amazon.Com WHOIS = WTF?

You must be logged in to post a comment.