Re: [Full-Disclosure] mail.yahoo.com issue

From: Gregory A. Gilliss (ggilliss_at_netpublishing.com)
Date: 08/19/04

  • Next message: Andrew Farmer: "Re: [Full-Disclosure] Electronic Voting Machines - WinVote by Adv anced Voting Solutions"
    To: full-disclosure@lists.netsys.com
    Date: Thu, 19 Aug 2004 10:43:45 -0700
    
    

    What you may be seeing is a typical implementation on large networks where
    load balancing is performed on the front end connections. In the event that
    the service is not available from the pool of primary servers, a secondary
    pool can be made available that returns something along the lines of "line
    busy, please try again later". Refreshing may or may not reproduce the page
    since the condition that caused the session to be directed to the lower
    priority pool may no longer exist at the time the refresh is performed.

    Basically, for large sites like Yahoo, it's a nicer way of responding than
    "404 - Page Not Found".

    -- Greg

    On or about 2004.08.19 09:49:43 +0000, LaRose, Dallas (dlpassport@s2access.com) said:

    > When visiting http://mail.yahoo.com, occasionally the server will serve up a
    > strange page saying only "do you yahoo?". With a few refreshes (which
    > likely pulls the content from other servers), you will get to the yahoo mail
    > login page. It looks like some of their servers are not returning correct
    > results. I'm not sure whether it's malicious, but it's worth noting....
    >
    > Source of strange page:
    >
    > <html><head><title>do you yahoo?</title></head>
    > <body>
    > <h1>do you yahoo?</h1>
    > </body></html>
    >
    > <!-- l27.login.scd.yahoo.com compressed/chunked Thu Aug 19 07:38:10 PDT 2004
    > -->

    -- 
    Gregory A. Gilliss, CISSP                              E-mail: greg@gilliss.com
    Computer Security                             WWW: http://www.gilliss.com/greg/
    PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Andrew Farmer: "Re: [Full-Disclosure] Electronic Voting Machines - WinVote by Adv anced Voting Solutions"

    Relevant Pages

    • Re: DNS aging/scavenging
      ... restart on the affected servers and hopefully get them back in sync again. ... they have stopped refreshing their records. ... Have you stopped or disabled the DHCP client service? ...
      (microsoft.public.windows.server.dns)
    • Re: questions Digest, Vol 113, Issue 20
      ... cavern where the particle detector's master clock sits. ... servers which then are used by your servers. ... but as long as *one* randomly selected pool server may turn out ... Jochen Bern, ...
      (comp.protocols.time.ntp)
    • Re: Threading advice sought
      ... tcl, or are at the C level (mapping shared memory pages, or simply ... You can think about it in terms of other servers. ... create new COM objects for every request, ... or create a pool of COM objects for reuse. ...
      (comp.lang.tcl)
    • Re: load balance of DNS
      ... With stock DNS, no; all you can do is recommend by ordering the responses. ... There are load-balancing DNS servers (they have a ... pool of responses, and hand out an answer of that pool, based on rules, and ...
      (comp.protocols.dns.bind)
    • Architecture / best practice for small/medium company setups
      ... on NTP setups for small and medium companies. ... The first few questions are about selection of time servers: ... -- I assume that the company should use the NTP server pool, ... -- How many timeservers on the LAN that are accessed by clients? ...
      (comp.protocols.time.ntp)