Microsoft Hacked Again? A Break in Is a Possibility at Microsoft internet.com Staff
Wednesday morning's domain name server problems at Microsoft Corp. could be the result of a break in, despite the company's claim it was an internal data center problem.
If so, that would make it the second time in less than a year Microsoft's network has been compromised.
In what could very well be a Denial of Service attack, Microsoft technicians are trying to correct problems with its four domain name servers, which respond only sporadically to DNS queries. Hardware problems could be the reason, but indicators are pointing at a possible break in.
Magnus Bodin, a network developer at Internet consultancy company Framfab in Sweden, noted that all four Microsoft DNS servers were located under one network segment and one IP subnet (207.46.138.xx), making it easy for infiltrators to compromise.
"It makes it easier because you just have to attack one single subnet, that's the reason I first suspected the server was attacked," Bodin said. "If you're hosting a lot of domains, and you have delegated those domains to separate servers, they should always be on separate subnets. No one real professional DNS host would do (what Microsoft did), and that's a fact."
Microsoft, however maintains that the problems were due to internal problems at its data center.
