[DNSSEC-Ops] Afrinic DNS Issue -- PNC Bank NA

Filisko, Steven V steven.filisko at pnc.com
Thu Jul 19 15:11:24 UTC 2018


To Whom It May Concern:

I'm from PNC Bank in the US.  We swapped a CNAME in our DNS on 2018-06-27 to move clients to new DataCenters for our Mobile Banking App.

I am seeing a small number of customer client IPs hitting our old Datacenter -- All are IPs registered to AfriNic.

I believe there is a bad cache within your DNS systems.  The TTL should have expired in 300s.
The following are the affected names.

PROPER RESOLUTION:

servicelink1.pnc.com    canonical name = servicelink.glbo.pnc.com.
servicelink2.pnc.com    canonical name = servicelink.glbo.pnc.com.

PREVIOUS RESOLUTION:

servicelink1.pnc.com    canonical name = servicelink1.glbo.pnc.com.
servicelink2.pnc.com    canonical name = servicelink2.glbo.pnc.com.

AfriNic Client IPs:

197.177.160.3
105.165.192.13


Please let me know what can be done about this and let me know if you require additional information!!!

Thanks!

Steve

Steven V. Filisko
Lead Security Engineer / DataPower ATL | PS&A
Product Security & Assurance | Cyber Security
PNC Financial Services Group | Cleveland
steven.filisko at pnc.com



The contents of this email are the property of PNC. If it was not addressed to you, you have no legal right to read it. If you think you received it in error, please notify the sender. Do not forward or copy without permission of the sender. This message may be considered a commercial electronic message under Canadian law or this message may contain an advertisement of a product or service and thus may constitute a commercial electronic mail message under US law. You may unsubscribe at any time from receiving commercial electronic messages from PNC at http://pages.e.pnc.com/globalunsub/
PNC, 249 Fifth Avenue, Pittsburgh, PA 15222; pnc.com


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/dnssec-ops/attachments/20180719/c3ff8553/attachment.html>


More information about the DNSSEC-Ops mailing list