Farelf Posted September 4, 2008 Share Posted September 4, 2008 'That' time of the week - waiting Windows Update per the security shield notification icon, checking the detail while it installed, appears to be a duplicate (the wholly overweening 'Genuine Advantage Notification' already installed last week with appropriate 'feedback' to M$ post factum). Going for the update history, I couldn't. Microsoft.com (and only, AFAICT, Microsoft.com) is most comprehensively 'off air' from here. "a" record IP addresses, "NS" IP addresses are all unresponsive to ping, timeout. The rest of the internet seems fine. So, was the update genuine? Allowing it may have been a major 'oops'. Commencing scanning. Yeah, I'm paranoid, but obviously not paranoid enough. Link to comment Share on other sites More sharing options...
rconner Posted September 4, 2008 Share Posted September 4, 2008 So, was the update genuine? Allowing it may have been a major 'oops'. Commencing scanning. Yeah, I'm paranoid, but obviously not paranoid enough.For what it may be worth, microsoft.com loads fine from here right now. They pestered me to install some sort of plug-in to "enhance my experience." Probably doesn't work on my Mac anyway. To hijack the topic, I want to complain about Microsoft’s horrendous abuse reporting page for live.com sites. I got a live.com spam and decided to click the "report abuse" link. Big waste of my time: You must provide your name and e-mail address (OK, fair enough). You have to enter a CAPTCHA (OK, fine) You have to type some info in a box to describe the abuse (I pasted in the spam mail). You must provide the address/member ID of the account you are reporting. How the H-E double toothpicks am I supposed to know that? They’re a spammer! The form won't submit without this info, so I was forced to fill in an obviously bogus address. You must select the type of abuse from a drop-down list, one in which "spam" does not appear. I picked "other." You must select the location of the abuse from another drop-down list that has a bunch of things I don't recognize. I had to pick "other" again. -- rick Link to comment Share on other sites More sharing options...
Wazoo Posted September 4, 2008 Share Posted September 4, 2008 Microsoft.com (and only, AFAICT, Microsoft.com) is most comprehensively 'off air' from here. "a" record IP addresses, "NS" IP addresses are all unresponsive to ping, timeout. The rest of the internet seems fine. Lots of oddities seen for microsoft.com ... on the other hand, www.microsoft.com seems to be working just fine. To hijack the topic, I want to complain about Microsoft’s horrendous abuse reporting page for live.com sites. I got a live.com spam and decided to click the "report abuse" link. Big waste of my time: Thinking that this has been touched on in the Reporting Help Forum section. Basically, the Microsoft Live Mail crap is still just another face on the HotMail servers, so the abuse addresses for HotMail still (kind of/sort of/maybe hardly) work for Live Mail spam. Link to comment Share on other sites More sharing options...
Farelf Posted September 4, 2008 Author Share Posted September 4, 2008 Lots of oddities seen for microsoft.com ... on the other hand, www.microsoft.com seems to be working just fine. ...Good, thanks (and to Rick too), I guess I will be able to reach it again soon in that case. One of those "oddities", successive connection attempts (IE7) to update.miscrosoft.com going for 65.55.184.125, 65.55.200.189, 207.46.17.125 in turn - nslookup's results (not saying/tagged 'non authoratative' either) indicating those as the "a" address for update.microsoft.com when checked immediately thereafter. I've only seen that sort of agility from a botnet before but I guess it's just some sort of load sharing thing. And yeah, microsoft.com and support.microsoft.com, as well as update.microsoft.com all unreachable from here still. Spyware scans clear, guess I will do an AV next but feeling more relaxed now (the worst of the DNS/cache poisoning vulnerability is supposedly patched now anyway, outgoing requests tested OK for randomization of ports and NS in any event, when last checked). And a new one - 209.62.20.188 - not getting through to that either. What the? ... that one's not M$! It's The Planet. I'm lost. Link to comment Share on other sites More sharing options...
Wazoo Posted September 4, 2008 Share Posted September 4, 2008 One of those "oddities", successive connection attempts (IE7) to update.miscrosoft.com going for 65.55.184.125, 65.55.200.189, 207.46.17.125 in turn - nslookup's results (not saying/tagged 'non authoratative' either) indicating those as the "a" address for update.microsoft.com when checked immediately thereafter. Oddity: 09/03/08 21:31:40 Slow traceroute Microsoft.com Trace Microsoft.com (207.46.197.32) ... 12.124.173.42 RTT: 190ms TTL:170 (No rDNS) 207.46.44.1 RTT: 78ms TTL:170 (ge-5-3-0-56.tuk-64cb-1a.ntwk.msn.net probable bogus rDNS: No DNS) 207.46.41.74 RTT: 82ms TTL:170 (ge-0-0-0-0.tuk-64cb-1b.ntwk.msn.net probable bogus rDNS: No DNS) 207.46.35.10 RTT: 91ms TTL:170 (ge-0-1-0-0.cpk-64c-1b.ntwk.msn.net probable bogus rDNS: No DNS) 207.46.34.114 RTT: 92ms TTL:170 (ten2-4.cpk-76c-1b.ntwk.msn.net probable bogus rDNS: No DNS) 10.22.0.22 RTT: 95ms TTL:170 (No rDNS) * * * failed * * * failed Browsing http://Microsoft.com/ Fetching http://Microsoft.com/ ... Host: Microsoft.com HTTP/1.1 301 Moved Permanently Location: http://www.microsoft.com Browsing http://www.microsoft.com/ Fetching http://www.microsoft.com/ ... Host: www.microsoft.com HTTP/1.1 302 Found <title>Object moved</title></head><body> <h2>Object moved to <a href="%2fen%2fus%2fdefault.aspx">here</a> Fetching http://www.microsoft.com/%2fen%2fus%2fdefault.aspx Fetching http://www.microsoft.com/%2fen%2fus%2fdefault.aspx ... Host: www.microsoft.com HTTP/1.1 200 OK oh yeah; Ping Microsoft.com (207.46.197.32) ... 1 failed 2 failed Ping www.microsoft.com (65.55.21.250) ... 1 failed 2 failed Probably eaten by the routers ..???? And yeah, microsoft.com and support.microsoft.com, as well as update.microsoft.com all unreachable from here still (From a Win-XP system) Browsing http://update.microsoft.com/ Fetching http://update.microsoft.com/ ... Host: update.microsoft.com HTTP/1.1 302 Object moved <h1>Object Moved</h1>This object may be found <a HREF="/windowsupdate/v6/default.aspx">here</a> Fetching http://update.microsoft.com/windowsupdate/v6/default.aspx Fetching http://update.microsoft.com/windowsupdate/v6/default.aspx ... Host: update.microsoft.com HTTP/1.1 200 OK Ping update.microsoft.com (207.46.21.29) ... 1 failed 2 failed Browsing http://support.microsoft.com/ Fetching http://support.microsoft.com/ ... Host: support.microsoft.com HTTP/1.1 200 OK Ping support.microsoft.com (207.46.248.248) ... 1 failed 2 failed And a new one - 209.62.20.188 - not getting through to that either. What the? ... that one's not M$! It's The Planet. Ping 209.62.20.188 ... 1 Addr:209.62.20.188, RTT: 57ms, TTL: 48 Browsing http://209.62.20.188/ Fetching http://209.62.20.188/ ... Host: 209.62.20.188 HTTP/1.0 200 OK <a href="http://209.62.20.188/?foiffs=in100fweg">Click here to proceed</a>. Copied content much reduced to just a few details. Hope it helps (or at least adds to that calm feeling <g>) Link to comment Share on other sites More sharing options...
Farelf Posted September 4, 2008 Author Share Posted September 4, 2008 ... Copied content much reduced to just a few details. Hope it helps (or at least adds to that calm feeling <g>)Yeah, thanks a lot. I guess they're trying their little hearts out - nsatc.net are in the fray now (mention in rickconner.net providing reassurances about that). I would have to say it all casts some doubt on the M$ 'masterplan' which surely relies on seamless connectivity. Ah well, the antipodes (and wherever else similarly affected) are evidently not of critical importance in the greater scheme of things - and most of us sort of like it that way. If only those bloody spammers would take the hint and ignore us too. [on edit] And now they're back. And no, that update wasn't a duplicate (must have been remembering the home PC, the "good twin" of this one) and yes it must have been real because it's recorded in the update history. Well that was exciting. I gotta get a life. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.