Saturday I got an automated note from one of the DNS servers that suspicious activity was happening, then it started hitting the other – within 2 minutes of checking things out it was found that there may be an exploit of the server on-going, so quickly to avoid any damage to customer DNS, the servers were shut down, and the old DNS servers brought back up until a full audit could be done.
As is the servers themselves are clean – several scans have been done, logs examined and things double checked, but nothing is coming up damaged/exploited, but better safe than sorry the servers are being re-deployed from the ground up! I’d rather take the time to make sure things are 100% clean and not some unknown exploit I missed so clean start! No data will be imported from the old servers to be safe that DNS wasn’t tainted in any way.
So for the time being some DNS may be old, and for that I apologize, I have already worked with a number of customers who DNS modifications disappear when the old servers came back online, so please if you are having any problems at all, please let me know – things should be up and back to full speed by Tuesday evening at the latest, FH2 is nearly finished rebuilding and will go online later this evening re-syncing in all data from the various servers, FH1 will follow suit Tuesday hopefully before noon, but no later than 9pm barring no complications.
If you have any questions please do not hesitate to contact me!