It's not that they're not differentiating between singular and plural - there is no plural of "each"...
XAPBob
@XAPBob
Best posts made by XAPBob
Latest posts made by XAPBob
-
RE: Eaches? [Yet another TMobile WTF]
-
RE: Minor Ad Creative WTF
@dhromed said:
@DescentJS said:
And what happens on sites with white backgrounds?
Magic!
Profits!
And a romantic happy end!
Subliminial advertising...
-
RE: Security, we've heard of it (and play it in buzzword bingo)...
@cdosrun said:
While that isn't relevant to this specific change, using "up to 24 hours" for DNS Changes isn't a WTF- It's giving support a single number to remember that should never be too low.
Changing DNS servers is (or should be) a staged process with NO downtime, and no issue with any intermediate DNS caches.
Any change to DNS servers should be invisible to the end user
-
UK Gov WTF - linked from the BBC
Fortunately only a test dB (one hopes)
But this site has been subject to various DNS/server changes over the morning, having been linked to by the BBC news site
Also various other server tests etc. publically available at the moment
-
Security, we've heard of it (and play it in buzzword bingo)...
Quite a long story - but consists of bumbling incompetence throughout...
NB - Mr Site is a web hosting company…
TRWTF is their last email:
@Mr Site Support said:
Unfortunately we cannot discuss the internal workings of our network for security reasons. We have performed the required changes at our end so that your site is accessible to the public and your Mr Site services are available to you. Thank you for your patience.
This doesn't seem too bad, they won't discuss internal workings for security reasons. That's sane, no point in shouting about network internals.
However when you work out how we've got to this email, there are a number of WTF's which we'll spot later.
Background
I work as a tech support to network managers with specific focus on our DNS range of appliances, and quite often get slightly weird support requests, which turn out to be a third party misconfiguration (blacklisting swathes of IP space which have long since been reallocated, failed glue records or inoperative name servers still being advertised for instance). So I wasn't that surprised when a (technically competent) customer told me that two domains were not being resolved by their caching DNS.
With a little digging (apologies for the pun) I found that they were both hosted by Mr Site, and advertised ns1 and ns2.hosthost.co.uk as name servers. Neither of these responded, and using one of our recursive tools I noted that one of the domains did not have NS records with the registrar (so was completely unfindable).
Opening Gambit
So I did my normal thing and sent off an email to the advertised support address:
@Me said:
Hi,
There are a couple of zones which are hosted on the hosthost.co.uk nameservers (which I believe to belong to you) which are returning odd / no results:
The first is XXXXXXX, which appears to have no NS records:
Domain: XXXXXXb
Dig failures: [('m.gtld-servers.net.', 'zero answers found'), ('j.gtld-servers.net.', 'zero answers found'), ('d.gtld-servers.net.', 'zero answers found'), ('h.gtld-servers.net.', 'zero answers found'), ('l.gtld-servers.net.', 'zero answers found'), ('c.gtld-servers.net.', 'zero answers found'), ('a.gtld-servers.net.', 'zero answers found'), ('g.gtld-servers.net.', 'zero answers found'), ('e.gtld-servers.net.', 'zero answers found'), ('b.gtld-servers.net.', 'zero answers found'), ('k.gtld-servers.net.', 'zero answers found'), ('i.gtld-servers.net.', 'zero answers found'), ('f.gtld-servers.net.', 'zero answers found')]
The other is YYYYYYYY, one of your nameservers isn't responding:
Domain: YYYYYYYY
Records found: Set(['a.b.c.d'])
Dig failures: [('ns1.hosthost.co.uk.', 'dig exited with status code of 2304, output: connection timed out; no servers could be reached')]
Do you have any insight into what might be causing these failures?
Could you supply me with a list of some other zones hosted on your servers that I could test, to see if we can identify any issues?
They responded quite quickly, with an email that merits several instances of WTF on it's own:
@Mr Site Support said:
Thank you for your email. We can update your domain names' dns settings to so that your domain name returns an authoritative response and your site is accessible:
http://XXXXXXXXXXXX/
primary name server:ns4.hosthost.co.uk
secondary name server:ns5.hosthost.co.uk
http://YYYYYYYYYYYYY/
primary name server:ns2.hosthost.co.uk
secondary name server:ns3.hosthost.co.uk
Currently your dns settings point to a control dns server and may be too busy. Please be advised that if we update your domain name's dns settings your site will be down for approximately 24 hrs. Please let us know if it would be alright to update the settings.
Count the WTFs:
- They are running (at least) two live sites from a “control dns server” which “may be too busy”.
- They are only moving one of the domains off ns1&2, the other is staying on ns2.
- They are offering to change DNS entries on zones for which I have no affiliation, without any attempt at confirming who I am.
- They think that migrating name servers will result in 24 hours downtime.
Any I've missed?
Not wishing to fall foul of any computer system abuse laws my response was very non committal:
@Me said:If the current name servers are too busy then it would be sensible to shift these domains.
You can do this without downtime though - simply add the zones to the new name servers, update the NS records, then wait until the ttl has expired before removing the site from the old name servers.
Subsequent exchange:
@Mr Site Support said:
We have updated your domain name's name server information to point to the server your site is on. Don't worry you will not experience any downtime on your site.
If only that were true:
@Me said:Whilst XXXXXXX has now been moved to ns4 and ns5 (and is working), YYYYYYYY is still on ns0 and ns1, and I am still getting servfail responses from my recursive resolver.
Can I ask again for some of the other zones hosted on those nameservers, as it would appear that there is something odd in either your configuration or ours which is preventing these zones from being resolved.
WTF counting again:
- They've now made changes to the DNS configuration of a zone without any suitable instruction.
- They've only done one of the two zones which were being discussed in the one support ticket.
- They think the zone is mine.
Although at least they seem to have spotted that this doesn't need to result in downtime…
@Mr Site Support said:
We have updated your other domain name's name server information (YYYYYYY) to point to the server your site is on. Don't worry you will not experience any downtime on your site.
Resolved?
@Mr Site Support said:Dear customer,
We hope you found the answer to your enquiry “DNS oddness…” (number [####]) satisfactory. As we have not received any further communication from you with regards to this matter, we shall assume it has been resolved and will therefore close this ticket. If , however, you are not satisfied with how your enquiry has been answered, simply reply to this message. Please ensure you put the ticket number (including the brackets) in the subject of your email and we will reopen the ticket for you.
I should really note again that I am not a customer
I am satisfied with the outcome, concerned with the manner in which the changes were made, so I replied, copying in contacts from the two websites…
@Me said:
I'd like to highlight that the support team at Mr Site (HostHost, or whatever they want want to be called) were willing to make sweeping changes to your respective sites without any attempt to check that the request was from someone with the rights to change the site.
There is a configuration/load issue with at least one of their name servers (ns1.hosthost.com) which was resulting in your sites being unavailable to certain networks.
When I emailed to ask about the configuration, and try to assist them with their name servers their response was:
@Mr Site Support said:Please be advised that if we update your domain name's dns settings
your site will be down for approximately 24 hrs. Please let us know if it
would be alright to update the settings.
We have actually managed to make the transition to new name servers without downtime, but the support team at Mr Site still seem to be under the impression that I have something to do with either of the domains in question.
This concerns me for all users of the Mr Site hosting services, as I could probably have easily either taken you offline, or redirected traffic to a malicious site.
I hope that this episode will prompt a review of process, and that these requests would be authenticated or validated in the future.
John
PS - Mr Site, if you need to upgrade your DNS solution to cope with extra load/complexity then do call {company I work for}.
WTF
From this I then recieved a further response from Mr Site:
@Mr Site Support said:
Your site XXXXXXX now will report an authoritative response when talking to the server. Your domain name dns settings have been updated.
Huh? I hadn't said anything about either site, they were working fine. Why did you change anything!
I forwarded this to the site owners (again ccing support):
@Me said:
This is the kind of thing I've been getting. DNS changes made without any question being raised!
And got another response:
@Mr Site Support said:
The dns changes we've made will not affect the functionality of your website nor will bring your site offline. We are simply updating the settings so that your site can be viewed using all internet service providers as some companies have made changes in their network that affect the accessibility of Mr Site websites unless your site name's settings are updated.
Some ISPs have made changes??? You weren't supplying authoritative responses for a zone
Glad you're not making any changes that affect the functionality of the site, other that making it accessible?
My response then prompted the email at the top of the page…
@Me said:
So why was it ever in a state where it wasn't returning authoritative records?
You still seem to have missed the point that none of these domains are “my site”. I have nothing to do with either of them!
TRWTF
@Mr Site Support said:
Unfortunately we cannot discuss the internal workings of our network for security reasons. We have performed the required changes at our end so that your site is accessible to the public and your Mr Site services are available to you. Thank you for your patience.
Let's count:
- These aren't my sites
- I've never said they were
- I've explicitly said they're not
- They've made multiple changes to the records without any attempt to validate the changes or my right to request them
- Their original configuration
- Had possibly overloaded “control” dns servers serving live domains
- Failed to register NS records with the tld
- Their initial changes
- Were made without question
- Though that switching DNS servers would result in downtime
- Would only have moved one zone fully off the broken name servers
- Only touched one zone anyway
- Failed to return authoritative results
- Their subsequent changes
- Were made without question (as to my prerogative)
- One was made without even an error report, or question being asked
- Justification was that some companies had made changes to their recursive DNS settings
- Security
- As a justification for not talking to me after making these changes - don't make me laugh
Finally
- They STILL think I own the domains… <?ul>
-
RE: My iPod is disabled...
@arxanas said:
I don't think I can wait this long, though.
@Apple said:
If you repeatedly enter the wrong passcode, iPhone or iPod touch will be disabled for longer intervals, before you can try again. After too many unsuccessful attempts, you won't be able to try again until you connect to the computer you normally sync with.
Not too bad then...