CloudFlare Puts Pirate Sites on New IP Addresses, Avoids Cogent Blockade (torrentfreak.com) 88
Earlier this month, several users worldwide reported that they were unable to access pirate websites including the Pirate Bay. It was because the internet backbone network of Cogent Communications had blackholed the CloudFlare IP-address of pirate websites. Less than a week later, CloudFlare is fighting back. From a report on TorrentFreak: The Pirate Bay and dozens of other pirate sites that were blocked by Cogent's Internet backbone are now accessible again. CloudFlare appears to have moved the sites in question to a new pair of IP-addresses, effectively bypassing Cogent's blackhole. [...] As of yesterday, the sites in question have been assigned the IP-addresses 104.31.16.3 and 104.31.17.3, still grouped together. Most, if not all of the sites, are blocked by court order in the UK so this is presumably done to prevent ISP overblocking of 'regular' CloudFlare subscribers.
All they have to do (Score:2)
But all Cogent has to do is resolve the names and update their block to reflect it, this could be automated
Re:All they have to do (Score:5, Funny)
Then all CloudFlare has to do is verify if the new addresses are blocked and change them if necessary, this could be automated.
Re: (Score:1)
And so on, and so on, until the entire internet is just one big block. I figure it could take less than 20 minutes once it starts.
Re:All they have to do (Score:5, Funny)
Well that's one way to force IPv6 deployment.
Re: (Score:2)
Re: (Score:2)
This is exactly how I pictured it all ending. I better run out and buy all the bread and milk I can find.
Re: (Score:2)
Then all they would have to do is:
www.thepiratebay.org A 86400 0.0.0.0
You really think they're going to trust a 3rd party (the same party they're trying to block) to give them the accurate addresses?
Re: (Score:2)
I thought they already did that.
The IP block is presumably there now because people are just putting the IP addresses in to get around the DNS black hole.
Re: (Score:3)
Blacklist 0.0.0.0/32? Feh.... I have an even better idea...:
www.thepiratebay.org A 120 38.100.128.10
www.thepiratebay.org A 120 38.119.116.148
www.thepiratebay.org A 120 81.2.129.253
www.thepiratebay.org A 120 66.28.0.14
www.thepiratebay.org A 120 66.28.0.30
www.thepiratebay.org A 120 66.28.3.10
www.thepiratebay.org A 120 80.245.32.74
www.thepiratebay.org A 120 80.91.64.50
www.thepiratebay.org AAAA 120 2001:550:1:a::d
www.thepiratebay.org AAAA 120 2001:550:1:b::d
www.thepiratebay.org AAAA 120 2001:550:1:c::d
www.the
Re: (Score:2)
Re: (Score:2)
yeah, adding a reverse DNS lookup for every packet on a backbone... ouch. Which still wouldn't work anyway, as 104.31.16.3 has no PTR record pointing to it
TPB on TOR (Score:2)
Meanwhile, The Pirate Bay has .onion address on TOR [uj3wazyk5u4hnvtk.onion], and that one was still running during the whole situation.
(It can't technically be blocked that easily.)
Re: (Score:1)
And watch as every single ISP drops Cogent so that their customers can access the internet. Their are so many sites on Cloudflare that if they were blocked, Customers would move from any ISP that would not let them access their sites.
No Discord, Udacity , Stackoverflow for starters,
For their next trick... (Score:2, Funny)
They need to identify UK government websites that are using cloudflare, and put them on the blackholed IP's.
Re:For their next trick... (Score:5, Insightful)
Redirect all UK government websites to this address [youtube.com] instead.
Re: (Score:2)
Also redirect all requests made from UK government computers to that address.
Re: (Score:2)
URLs resolve to __ _________. (hint:IP addresses)
Re: For their next trick... (Score:4, Insightful)
You did say URI. You could have said URL. It was, after all, a URL. This page [danielmiessler.com] gives a good description of the difference as well as a guide for responding to the statement, "Actually, that’s called a URI, not a URL"
The response to this correction can range from quietly thinking this person needs to get out more, to agreeing indifferently via shoulder shrug, to removing the safety clasp on a Katana.
Re: (Score:3)
That's not an IP address, it is a URI
He called it an address, not an IP address. "URL" is close enough to being synonymous with "web address."
Re: (Score:2)
The 80's rocked.
Re: (Score:1)
Cogent is shit (Score:1)
Level3 should have nuked it when they were caught hot-potato routing in violation of peering agreements
Funny (Score:5, Interesting)
Surely there are some MPAA/RIAA members who use Cloudfare.
Cloudfare should switch their sites to the previously blocked IP addresses.
The solution is unfortunately national segregation (Score:5, Interesting)
We already have nations cutting off Internet during times of unrest, and applying massive filtering and spying efforts against communications to and from their populations regardless.
If you're going to apply national laws to an international system, that system is going to need to be chopped up into pieces that fit the political borders.
That really sucks if your nation is surrounded by nations who disagree on what should be passed through their borders, so ultimately there needs to be some kind of Internet Treaty, where it is agreed that traffic is only to be interfered with if one of the end points is domestic, or by agreement with one of the governments with authority over an end point.
Let governments be responsible for the border filters (and, presumably, spying), and then private companies like Cogent will have no interest in taking actions like IP block blacklisting.
Re: (Score:2)
You can limit the bandwidth severely, and if you control the chokepoints for the trunks you can choose to only let through what you can scan and approve.
Yes, people can pass messages through steganography, or sneakernet, or radio links... but that's trivial to make illegal and while you can't easily enforce such laws they can be enforced well enough to reduce state-prohibited communications significantly.
So yes, the Internet can route around it... but when 'around it' means around the 'around the area conta
Re: (Score:2)
Your memory is embarrassingly short, since it's not been that long since we've actually seen governments kill their Internet.
You can indulge in your 'information wants to be free' fantasies all you want, but the only thing stopping governments from effectively controlling their Internet is the cost of the required infrastructure and the negative effect it would bring to their economy.
Reducing the 'Information Superhighway' to a pedestrian path with a guard at the border crossing isn't impossible.
Re: (Score:2)
Well, at least you're smart enough to post your stupidity as AC so it doesn't stick to you.
Re:The solution is unfortunately national segregat (Score:5, Insightful)
Not true.
It's a game of diminishing returns but there's never an absolute winner.
You can make it nearly impossible to circumvent, and then someone can build a complex circumvention...and so on. Remember when 'hacking' was dumping the plaintext password database after booting off a floppy?
You can make censorship difficult enough to circumvent that people will find something else to do...but the cost (implementation and maint) in that is very high.
Someone Revoke Cogent's Common Carrier Status (Score:1, Insightful)
Fuck those greedy nI-ggers
Show of hands .. (Score:2)
... who didn't see this coming?
Vaguely related - I'm probably asking for trouble. (Score:1)
If you ignore all of the grandiose claims of stopping spam, disabling malware and blocking advertising, yes - running the software does create a rather large, correctly formatted hosts file, one which does include multiple custom host definitions which blackhole numerous known malware sites. By incorporating host entries for web browser favorites, the software does speed page load times by eliminating DNS lookups. In this regard, the Host File Engine per
Re: (Score:2)
Your software is just fine - well written, functional. Your claims that it's practically the cure for all the internet's woes are over-the-top and make you seem rather like the current POTUS. Your bellicose and acerbic posts, combined with your repeatedly posting straight binspam have given you a reputation here wh