Recent DNS issues - NTL speaks....
 

Just out of frustration the other night, I filled out the NTL "eCommunicator" feedback form thing asking them what was going on:

It's about time you fixed these DNS issues. For it to happen once is unlucky, twice is stupid, three times smacks of gross incompitence and the inability to learn from previous problems.

Issue a formal apology, tells us what happened and more to the point, what you are doing to stop it happening again

Just got this reply:

Hi Susan,

Please accept my apologies for the problems you have been experiencing

The DNS issues that you refer to were caused by DDoS attacks on the servers, the issue has since been resolved and Ntl are investigating ways to prevent this from happening again.

If you have any further issues with your broadband service please reply to this with details of the problems and we will investigate these further for you.

Thank you for contacting ntl

Gareth

To which I have replied:

Thanks for taking the time to reply and your brief explanation.

I'll look forward to the formal statement and apology to all your customers. I appreciate that these problems may not be exactly NTL's fault and I understand that due to their nature, it may not be possible to give out too much info, but the fact that they can happen and have done repeatedly makes me worry whether NTL are doing enough to prevent them happening again.

By the way, my name's Simon, not Susan.

Thanks again.

Re: Recent DNS issues - NTL speaks....
 

I am totally shocked they could even be bothered to reply to be honest.

Re: Recent DNS issues - NTL speaks....
 

Good work Susan! ;-)

Its ok they keep calling me Miss J Taylor.. whoever she is?

Re: Recent DNS issues - NTL speaks....
 

talk about great minds. here is my version!

3 DNS problems in 4 months. Currently using the belfast proxy as peterborough wont display all pages. Not acceptable.
Date: 6/7/2006 7:56:13 PM Area of Feedback: Broadband: Internet Service Reliability Rating: Bad Company Reply:

Hi Paul,



Please accept my apologies for the problems you have been experiencing.



The problems that you were experiencing may have been caused by a DDoS attack that effected our DNS, these have since been resolved. The problems would have included inability to view internet pages.



If you have any further issues with your broadband service please reply with details regarding the issues and we will investigate these for you.



Thank you for contacting ntl

Phil
Notice the spelling mistake in italics. Must be using Microsofts spell checker!

Re: Recent DNS issues - NTL speaks....
 

This is what disgusts me about NTL. The level of customer service is nothing short of a shambles.

I mean firstly it's bad enough that they get repeatedly attacked and are too slow to do anything about it. Then they keep everybody in the dark and effectively sweep it under the carpet unless you continue to push and make a big fuss. Now on top of those you get a generic e-mail back which they can't even be arsed to spell properly.

I'd love to think now that Branson is on board things will change, even though he's currently a silent partner I was under the impression it would be changing to Virgin TV? If so I'm certain he won't have the image of the company under his name anywhere near as bad as NTL's currently is.

Re: Recent DNS issues - NTL speaks....
 

first, how is it their fault they get attacked?
secondly, being a target of a DDoS attack isn't always something you can stop
thirdly, if it's under investigation by the police they aren't allowed to say anything and how many of NTL's customers would understand the problem?
fourthly, a generic email would only say there was problems, generic emails don't give details

Re: Recent DNS issues - NTL speaks....
 

As several people have posted it's one thing being attacked, but being attacked three times is something else. This is a major company here not some 2 bit backstreet job (even though at times they seem to act just like that) things should be in place to deal with these situations. Sure I don't say they can stop everything but I'm certain companies have a way of dealing with these situations or it would be happening everywhere constantly. NTL are well known for breaking down left right and centre, whether they are being attacked or whether it's their own fault. This is why people are always in uproar when something breaks yet again as it happens so often.

Also NTL are well known for their shoddy customer service. They always hide behind the same excuses and think resetting your connection is the answer to almost everything. They talk to you like you have no idea what a computer is, hoping that they can fob you off with an excuse that doesn't show the company up for what it is.

That e-mail sounds generic to me, how come both those answers said almost the exact same thing. They couldn't even be bothered to check it was spelled correctly. This is not something a major company should be doing. A major company checks these things because they don't want to come across as unprofessional. NTL unfortunately do just that.

Also I'd like to point out I have worked for NTL in the past so I know what I'm talking about.

Re: Recent DNS issues - NTL speaks....
 

Of course it's not their fault they get attacked just like it's not your fault if your house get broken into. The things is that the more you do to stop people breaking into your house (window locks, alarm etc), the less likely it is to happen.

Using that logic it worries me that NTL have now been hit three times in as many weeks - not forgetting that this also happened in March - http://www.cableforum.co.uk/article/...service-attack. If my house got burgled once I'd make sure I got better locks and did something about it. I'm not confident that NTL are learning from the experience.

How many other ISP's have been hit in similar ways? It's not something they would shout about but you certainly don't read about other users experiencing similar issues with, say, Wanadoo, Tiscalli etc.

Staying with the burglary simile, chances are the potential robbers find an easier house to break into without the extra defences and I wonder if NTL are that easier house, so to speak. Of course it could be that, as one of the leading ISP's in the UK, NTL are a prime target for this kind of thing but it also follows that they should do more to prevent it.

Obviously if things are being investigated by the Police then they may not be able to say anything but it is common courtesy and customer service to at least issue a proper apology, a basic explanation of the problem and to say that they are doing something to stop it happening in the future (if they indeed are).

Re: Recent DNS issues - NTL speaks....
 

The (rapidly enlarging) big finger point to one overwhelming fact. NTL are trying to provide thier service on the cheap. Thier whole way of going about things seems to revolve on spending as little as possible - even if the end result is a poor service.

Re: Recent DNS issues - NTL speaks....
 

Hello,

I'm still on the peterborough proxy (i guess since im in peterborough) but i was having issues earlier. How do i go about changing my proxy server to an alternative proxy. Is there somewhere i can get a list of proxy server ips? Sorry if this has already been posted somewhere else.

Thanks in advance.

-NE

Re: Recent DNS issues - NTL speaks....
 

Proxy list: http://www.cableforum.co.uk/forum/article.php?a=10

Re: Recent DNS issues - NTL speaks....
 

Thanks =)

-NE

Re: Recent DNS issues - NTL speaks....
 

Attacked the first time you can give them some slack.
Attacked a second time and you start to think why is it so easy for someone to do this.
Attacked a third time and i can only think that

A. They dont know how to stop it.
B. There security is so slack it beggars belief
C. They dont have the system in place to deal with this SO WHY NOT.

My personal outlook on this is that if they spent more time looking at there network instead of looking for ways to make there employees redundant they might be able to fix this properly.

Re: Recent DNS issues - NTL speaks....
 

When I was there they treated their employees like dirt.

Those revolving doors they have on the front of the local building are there for a good reason :td:

Re: Recent DNS issues - NTL speaks....
 

I know what you mean :)

Re: Recent DNS issues - NTL speaks....
 

Without information on the nature of the ddos attacks it's impossible to say if anything could be done. Some attacks are just impossible to stop and you have to ride them out.

Re: Recent DNS issues - NTL speaks....
 

if some small isp with 100mbit of peering I could understand but ntl have many gigabits of peering so they probably cant be taken down with a bandwidth saturation attack so I can only assume they either let the traffic reach the dns servers unfiltered. Or it was a simple request overload on the servers (resource consumption).

A isp of ntl's size should be able to mitigate a ddos attack, their are a few ways to do it but the first step would be buying some high end juniper hardware configuring it to filter attacks before they even reach the dns servers and then add more dns servers so their is some better redundancy.

Of course if they not willing to spend money, what they can do is much more limited.

Re: Recent DNS issues - NTL speaks....
 

This is ridiculous, I can barely browse... Are there any other working DNS addresses we can use in the interim?

Re: Recent DNS issues - NTL speaks....
 

There is no such thing as an unstoppable attack apart from those that rely on raw bandwidth and even those can be prevented by a distributed server architecture. It is impossible to simulate normal traffic to the extent where it is able to take a well specified server down.

The fact is ntl don't have the technology in place to repel these attacks, and are I suspect just throwing more server capacity at it. That was what was happening previously anyway.

There are plenty of manufacturers offering DDoS mitigation hardware. These attacks I seriously doubt are anything more than SYN or UDP floods. Attacking DNS through repeated querying can be blocked upstream as well. It's all a case of having the layer 7 inspection and filtering in place to allow the legitimate traffic through while blocking the bad stuff.

NTL might do well to have a chat with someone selling http://www.toplayer.com/ equipment.

A look at http://www.google.com/search?q=DDoS+mitigation shows a number of options too.

There's a difference between being unable to stop the attacks and regarding them as an 'acceptable risk' and choosing not to invest the required sums to stop them.

You do wonder why these servers are even reachable from the outside. The servers the customers query could be seperated from the servers which other DNS servers query.

Personally I'd be all in favour of regional DNS servers, at the moment there's a distributed (and unnecessary) caching architecture, but the DNS is centralised still, which makes no sense apart from the financial one.

Either way this is inexcusable, and I wouldn't blame the engineers for this, I'd blame the people holding the purse strings and the people demanding wading through red tape before getting at the purse.