[ / / / / / / / / / / / / / ] [ dir / animu / ausneets / cafechan / loomis / rel / roze / sg / vg ][Options][ watchlist ]

/tech/ - Technology

You can now write text to your AI-generated image at https://aiproto.com It is currently free to use for Proto members.
Name
Email
Subject
Comment *
File
Select/drop/paste files here
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Expand all images

[–]

 No.922221>>922233 >>922291 [Watch Thread][Show All Posts]

Cloudflare DNS's 1111 resolver has been BGP-hijacked

this morning by AS58879

https://twitter.com/x0rz/status/1001446835557470208

This is what you get for centralizing resources and trusting the botnet.

 No.922222>>922228 >>922233 >>922254 >>922448 >>922627

>This is what you get for centralizing resources

This can happen to literally anything and is unstoppable because of how the packets are routed. Cloudflare literally did nothing wrong.


 No.922228>>922233 >>922237

>>922222

quints confirm


 No.922233>>922237

File (hide): edf265ed0db29f9⋯.png (20.72 KB, 300x125, 12:5, 5030dd39.png) (h) (u)

>>922221 (OP)

>>922222

>>922228

also, use OpenNIC


 No.922236>>922239 >>922457 >>922670

Many people seem to think that Cuckflare helps to protect against DDoS attacks. This is, in fact, incredibly easy to circumvent.

Cuckflare "protects" against DDoS by basically being a DNS-enforced MitM of you and the site it "protects". Therefore, finding the real IP address would enable one to circumvent the DDoS "protection".

The real IP address can be found easily for any website. First you need a tool which scans lots of IP addresses quickly. zmap is a reasonable choice. Then, you need to scan port 80 or 443 (depending on the site) and obtain a list of all addresses with those ports open. Afterwards, you download the front page of each of those (zgrab does it quickly) and search for a unique string only appearing in the site you target. This will net you the IP address of the site, which you can then attack at any time.

If you know the country the site is hosted in, that makes the scan even quicker and easier because you only need to scan a subset of all the possible IP addresses.

Someone give me a site which uses cuckflare which you want to obtain the real IP of; I can't think of any besides 8chan but we already know the real IP of that.


 No.922237

File (hide): 919052e85efc6d2⋯.png (139.45 KB, 1125x681, 375:227, 919052e85efc6d21725499388f….png) (h) (u)

>>922228

>>922233

Get the fuck out of here, you worthless piece of shit. Pic very related.


 No.922239>>922243 >>922448

>>922236

>This is, in fact, incredibly easy to circumvent.

You know what else is easy to circumvent? Your shitty attack.

<Lol just scan the entire internet until you find the site you are looking for.

You just configure your webserver to only respond to cloudflare. They even have an easy way to configure it.


 No.922243>>922245

>>922239

Perhaps it's easy to guard against, but many websites don't do so. 32chan is an example: http://128.199.177.21/ is the real IP, but an nslookup on 32ch.org gives 104.24.99.130 which is a Cuckflare IP.


 No.922245>>922253 >>922448

>>922243

>but many websites don't do so

Its retarded site owners, again nothing to do with cloudflare.


 No.922253

>>922245

yeah the 32chan admin seem to be a bit retarded.


 No.922254>>922256

>>922222

>This can happen to literally anything

No one said otherwise, but it literally painted itself as a target when it announced that it was gratis and faster.

>Cloudflare literally did nothing wrong.

Because since when cloudflare isn't CIA nigger tier ?


 No.922256>>922259 >>922260 >>922448

>>922254

>Because since when cloudflare isn't CIA nigger tier ?

CloudFlare protects this site pretty well from you script kid assholes.


 No.922259

>>922256

Implying I'm not aware of that.

.t Tor user.


 No.922260>>922263

>>922256

>cloudflare

>protecting this site at all

HAHAHAHAHAHAHAHA

8chan's real IP is http://206.223.147.214

Protection my fucking ass


 No.922263>>922265 >>922266

>>922260

Thats just one server anon


 No.922265>>922267

>>922263

If 8chan protects itself by having multiple servers, then cuckflare isn't relevant anyway.

tl;dr cuckflare is a useless flaming heap of MitM


 No.922266

>>922263

There's another one at http://206.223.147.215 as well


 No.922267>>922268

>>922265

>If 8chan protects itself by having multiple servers, then cuckflare isn't relevant anyway.

Thats not how servers work anon


 No.922268>>922274 >>922276

File (hide): 00b4f919453967a⋯.png (238.67 KB, 488x500, 122:125, 00b4f919453967a1a3bbda73db….png) (h) (u)

>>922267

>brazen as fuck

>doesn't know what apostrophes are

>refers to everyone as "anon" at all times

You got BTFO in the IPFS thread didn't you?


 No.922274

File (hide): 60d5a3d34574888⋯.jpg (138.64 KB, 1016x1024, 127:128, DWdt_S9X4AAeBGC.jpg) (h) (u)

>>922268

I love IPFS anon.


 No.922276

>>922268

>>doesn't know what apostrophes are

>Perfect punctuation on an image board


 No.922281>>922283 >>922284

Centralization promotes destruction.


 No.922283

>>922281

*Centralized services work now while distributed ones are fucked

FTFY


 No.922284

>>922281

>Centralization promotes destruction.

I agree. Now when are you leaving 8chan forever.


 No.922291

>>922221 (OP)

Anyone who would actually it as their DNS deserves it.


 No.922434>>922437

TCP/IP is a good system for computer intercommunication, rite guise?


 No.922437>>922484

>>922434

>BLURR GDURR PHBTETLLELBETBT

This has nothing to do with TCP. It is a problem with DNS, which can in theory be replaced without disturbing TCP at all.


 No.922448

>>922222

shut the fuck up, cuck

>>922239

syn flood every N IPs until your target site goes down (where N is proportional to the amount of bandwidth you have). also you can simply launch an application layer attack against the site and cuckflare will let it through (by design since no WAF can magically figure out that you're doing something that results in disproportionate computation on the server)

>>922245

only retards use cuckflare in the first place

>>922256

cuckflare protects against nothing. all it ever amounted to was blocking tor from all the webscale garbage on the internet (namely .io domains). this can be bypassed for 99.99999% of sites by using tor browser or setting your user agent to that of tor browser, for example my config in palemoon (works on firefux and any firefux fork):

general.useragent.override;Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0


 No.922457>>922686

>>922236

hltv.org although im pretty sure i already have their ip, their site is out of date and doesnt even have captcha for logging in, they also had an sql leak before


 No.922484>>922614

>>922437

Tell me how you gonna resolve IP addresses securely when just one router between you and the destination is hijacked and does LARP spoofing? Pro tip: youre fucked kiddo, but proper systems like cjdns and GNUNet do not have this puroburemo.


 No.922614

>>922484

>He thinks CJDNS does anything to deal with ARP spoofing


 No.922627>>922629

File (hide): 2bd13bc9d87b2d1⋯.gif (1.21 MB, 500x400, 5:4, bounce.gif) (h) (u)

>>922222

Nah, I block those botnet DNS in my firewall. Can't do much about CF proxy servers though. At least not until I go full gopher.


 No.922629>>922638

>>922627

Gopher is going to have anti DDOS proxies all the same.


 No.922638>>922648

>>922629

No, because the normies will never use it.


 No.922648>>922658

>>922638

normals aren't the ones doing ddos attacks.


 No.922658

>>922648

Yeah but they only attack sites where people will notice and care that it went offline. Almost nobody uses gopher, and those sites don't have CF proxy because there was never a need.


 No.922670>>922684

>>922236

can you help me get the ip to gflclan.com, i have an sql leak from the site and want to see what more i can dig up


 No.922684

>>922670

That site doesn't even use cloudflare, though. The IP is 192.99.230.204 (from nslookup).


 No.922686

>>922457

working on it. should have the IP within 4 days or so




[Return][Go to top][Catalog][Screencap][Nerve Center][Cancer][Update] ( Scroll to new posts) ( Auto) 5
38 replies | 9 images | Page ?
[Post a Reply]
[ / / / / / / / / / / / / / ] [ dir / animu / ausneets / cafechan / loomis / rel / roze / sg / vg ][ watchlist ]