Jump to content

Backdoor, IP change

Guest dan05delaney

By Guest dan05delaney,
in Chat

 Share

Recommended Posts

  • Replies 83
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

eFestivals Mentor

eFestivals

Posted
Posted

Meanwhile, whilst bathing in adulation, forgot to tell anyone that by keeping the manual host entry in place you were halving your chances of getting connection to servers.

I posted to say that the problem had been fixed and that hosts file hack would (then) lessen your chances of success.

I can only put the info out there, I can't make people read it.

Link to comment
Share on other sites
tumbles Community Regular

tumbles

Posted
Posted (edited)

. I know nothing about seetickets but cant beleive they didnt do some load balace testing before the event.. A nice little window of oportunity was 'discovered' and before they could make the required change the 'free' IP address was disclosed.. Nice result all round. Seetickets dont care because a sell out was guaranteed..Meanwhile, whilst bathing in adulation, forgot to tell anyone that by keeping the manual host entry in place you were halving your chances of getting connection to servers.. Pretty shabby all round I recon

Edited by tumbles
Link to comment
Share on other sites
simont123 Newbie

simont123

Posted
Posted

Really dissapointed with Seetickets this year.....I got to the payment page 5 times and it bombed me out/timed out on every single go after I entered my card details etc.

We have a lot of sad people now not able to go. It shouldnt really be able to happen once youre in the site but ive been lucky the past 7 times so cant really complain.

Link to comment
Share on other sites
eFestivals Mentor

eFestivals

Posted
Posted

I would imagine that someone is likely to get a disaplinary for it, it's pretty bad. I can understand why it happened, if you work in IT/Networking typing 192.168.x.x is almost done without thinking.

it's a big and unnecessary cock-up - but like you I completely understand how an IT geek would make that cock-up ... one of the efests servers has an IP address that starts with 194 too, and I often type 192 without thinking. If you're used to working with 192.168.x.x addresses - which most IT peeps are - then it's an easy mistake to make.

So I'm not sure it should be a disciplinary. It's just as much the case that see should have procedures in place so that such things are checked by a second pair of eyes.

What is very weird is that a week ago the DNS was set up correctly, which this post shows...

Link to comment
Share on other sites
parsonjack Mentor

parsonjack

Posted
Posted

That had also crossed my mind. However, if it was an "inside job" you would think that whoever was in the know and using the quiet server would have had their tickets bought in minutes, meaning the cock-up could have been fixed by 9.15am (at the latest) before anyone would have noticed.

The fact the error sat in place for at least a full 45 minutes suggests that it wasn't intentional, although that may itself be an elaborate double bluff!

Link to comment
Share on other sites
artl Newbie

artl

Posted
Posted

LOL and easy to see why they made the typo too. 194.168 vs 192.168 [probably only understood by an IT sort] - love these people who announce "farce" when some bod makes a minor error. - and it actually made no difference - it was corrected, so unless you gave up trying after an hour or so [in which case i guess you will have changed your mind about going] you would still have had the same chance as all the rest ...

Link to comment
Share on other sites
tumbles Community Regular

tumbles

Posted
Posted

LOL and easy to see why they made the typo too. 194.168 vs 192.168 [probably only understood by an IT sort] - love these people who announce "farce" when some bod makes a minor error. - and it actually made no difference - it was corrected, so unless you gave up trying after an hour or so [in which case i guess you will have changed your mind about going] you would still have had the same chance as all the rest ...

Link to comment
Share on other sites
mikeb Newbie

mikeb

Posted
Posted (edited)

That had also crossed my mind. However, if it was an "inside job" you would think that whoever was in the know and using the quiet server would have had their tickets bought in minutes, meaning the cock-up could have been fixed by 9.15am (at the latest) before anyone would have noticed.

The fact the error sat in place for at least a full 45 minutes suggests that it wasn't intentional, although that may itself be an elaborate double bluff!

Edited by mikeb
Link to comment
Share on other sites
Paulvw Newbie

Paulvw

Posted
Posted

It seems like it was a gamble unless you knew what you were doing. I didn't! made the change and still managed to get tickets for 2 groups of people just after 10am. From the comments, it would seem that with the host file changed I was operating on a 50% chance from the time that they fixed it.

I guess that alerting people to it possibly alerted See tickets that there was an error so they then corrected and ease the load on the other server. This probably gave me the opportunity to make the link to the server as the load would I guess have then been shared across 2 servers.

In any case, Thank you Neil you also saved the day in 2004 with the Freya link after trying all night. I've sent you a small donation to say thanks.

Link to comment
Share on other sites
tumbles Community Regular

tumbles

Posted
Posted (edited)

Hmmm, doesn't it mostly depend on the way DNS system works in general as to how long it took to update rather than the speed at which See actually corrected the error ? DNS is generally cached so far as most users are concerned and any update can take a dog's age to propagate depending on the TTL (or whatever) that was set initially. A cached copy of the dodgy DNS record could have been totally valid for anything from several minutes to several days/weeks before ultimately being refreshed with the corrected info following the next lookup on the authoritative server(s).

Good old See some say ... others tell the truth ! I still worship Goddess Freya from the last time See managed to do something remarkably similar but it has to said that worshiping a stupid IP address just wouldn't be the same somehow laugh.png

Edited by tumbles
Link to comment
Share on other sites
ukdaasfan Newbie

ukdaasfan

Posted
Posted

It's easily done. Happens on our hosted platform more often that it should. As for the IP not difficult to find, just do an nslookup.

Ben-Shepherds-MacBook-Pro:etc bshepherd$ nslookup glastonbury.seetickets.com

Server: xxx.xxx.x.xxx

Address: xxx.xxx.x.xxx#53

Non-authoritative answer:

glastonbury.seetickets.com canonical name = seetickets.com.

Name: seetickets.com

Address: 194.168.202.202

Name: seetickets.com

Address: 194.168.202.201

If you monitored the request being sent you'd have noticed the stuff up and could adjust. Luckily for reason to long and boring to go into my TTL was set to 0. Which might have explained why I had no issues getting a ticket. Nice to know to check next time I am having an issue.

Link to comment
Share on other sites
tumbles Community Regular

tumbles

Posted
Posted

What you do is a few days before hand you go in and set the TTL to a very low figure and allow that to propagate. Then when you come to make the actual A record changes, the propagation of the new data is much quicker. Afterwards, you set the TTL back to your confortable level for caching.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.


×
×
  • Create New...