Cloudflare getting pwnd again

Cloudflare DNS's 1111 resolver has been BGP-hijacked
this morning by AS58879
twitter.com/x0rz/status/1001446835557470208

This is what you get for centralizing resources and trusting the botnet.

Other urls found in this thread:

128.199.177.21/
206.223.147.214
206.223.147.215
twitter.com/SFWRedditGifs

This can happen to literally anything and is unstoppable because of how the packets are routed. Cloudflare literally did nothing wrong.

quints confirm

also, use OpenNIC

Attached: 5030dd39.png (300x125, 20.72K)

Many people seem to think that Cuckflare helps to protect against DDoS attacks. This is, in fact, incredibly easy to circumvent.
Cuckflare "protects" against DDoS by basically being a DNS-enforced MitM of you and the site it "protects". Therefore, finding the real IP address would enable one to circumvent the DDoS "protection".
The real IP address can be found easily for any website. First you need a tool which scans lots of IP addresses quickly. zmap is a reasonable choice. Then, you need to scan port 80 or 443 (depending on the site) and obtain a list of all addresses with those ports open. Afterwards, you download the front page of each of those (zgrab does it quickly) and search for a unique string only appearing in the site you target. This will net you the IP address of the site, which you can then attack at any time.
If you know the country the site is hosted in, that makes the scan even quicker and easier because you only need to scan a subset of all the possible IP addresses.
Someone give me a site which uses cuckflare which you want to obtain the real IP of; I can't think of any besides Zig Forums but we already know the real IP of that.

Attached: 9ab0805dcd1bf7db8ab34b1ef207124b8c16ef9e4d8f1d1a544d46db20b2a1f3.png (1092x1080, 602.8K)

Get the fuck out of here, you worthless piece of shit. Pic very related.

Attached: 919052e85efc6d21725499388f33a3df9152a72f5546664f8b535037beefa233.png (1125x681, 139.45K)

You know what else is easy to circumvent? Your shitty attack.

Perhaps it's easy to guard against, but many websites don't do so. 32chan is an example: 128.199.177.21/ is the real IP, but an nslookup on 32ch.org gives 104.24.99.130 which is a Cuckflare IP.

Its retarded site owners, again nothing to do with cloudflare.

yeah the 32chan admin seem to be a bit retarded.

Attached: 4afbb21011033d5e81a660953e962047ec69cab9787a76e7d24cec1ff7fcf39e.png (578x187, 22.19K)

No one said otherwise, but it literally painted itself as a target when it announced that it was gratis and faster.
Because since when cloudflare isn't CIA nigger tier ?

CloudFlare protects this site pretty well from you script kid assholes.

Implying I'm not aware of that.
.t Tor user.

HAHAHAHAHAHAHAHA
Zig Forums's real IP is 206.223.147.214
Protection my fucking ass

Attached: 7f24aeb9d95efdaec660b27da4f22216f1bbaf7898ba9ea684a2172c4c5f9325.png (1520x1080, 1.18M)

Thats just one server user

If Zig Forums protects itself by having multiple servers, then cuckflare isn't relevant anyway.
tl;dr cuckflare is a useless flaming heap of MitM

There's another one at 206.223.147.215 as well

Thats not how servers work user

You got BTFO in the IPFS thread didn't you?

Attached: 00b4f919453967a1a3bbda73dbd54bc601186300de05fc04940268eac9fcbfb1.png (488x500, 238.67K)

I love IPFS user.

Attached: DWdt_S9X4AAeBGC.jpg (1016x1024, 138.64K)

...

Centralization promotes destruction.

*Centralized services work now while distributed ones are fucked
FTFY

I agree. Now when are you leaving Zig Forums forever.

Anyone who would actually it as their DNS deserves it.

TCP/IP is a good system for computer intercommunication, rite guise?

This has nothing to do with TCP. It is a problem with DNS, which can in theory be replaced without disturbing TCP at all.

shut the fuck up, cuck

syn flood every N IPs until your target site goes down (where N is proportional to the amount of bandwidth you have). also you can simply launch an application layer attack against the site and cuckflare will let it through (by design since no WAF can magically figure out that you're doing something that results in disproportionate computation on the server)

only retards use cuckflare in the first place

cuckflare protects against nothing. all it ever amounted to was blocking tor from all the webscale garbage on the internet (namely .io domains). this can be bypassed for 99.99999% of sites by using tor browser or setting your user agent to that of tor browser, for example my config in palemoon (works on firefux and any firefux fork):
general.useragent.override;Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0

hltv.org although im pretty sure i already have their ip, their site is out of date and doesnt even have captcha for logging in, they also had an sql leak before

Remember: I love to suck cock!

Attached: _femboi_bunny__by_lorddragonmaster.jpg (666x800, 278.74K)

Tell me how you gonna resolve IP addresses securely when just one router between you and the destination is hijacked and does LARP spoofing? Pro tip: youre fucked kiddo, but proper systems like cjdns and GNUNet do not have this puroburemo.

...

Nah, I block those botnet DNS in my firewall. Can't do much about CF proxy servers though. At least not until I go full gopher.

Attached: bounce.gif (500x400, 1.21M)

Gopher is going to have anti DDOS proxies all the same.

No, because the normies will never use it.

normals aren't the ones doing ddos attacks.

Yeah but they only attack sites where people will notice and care that it went offline. Almost nobody uses gopher, and those sites don't have CF proxy because there was never a need.

can you help me get the ip to gflclan.com, i have an sql leak from the site and want to see what more i can dig up

That site doesn't even use cloudflare, though. The IP is 192.99.230.204 (from nslookup).

Attached: 0cfddab3d91d50a4ef8c9d0e88380c1645f37ad35a415bcc7b39d4192e209b5f.jpg (1000x900, 351.06K)

working on it. should have the IP within 4 days or so