[tor-relays] How to exclude a CDN ?
Toralf Förster
toralf.foerster at gmx.de
Tue Aug 9 16:38:29 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Got few times an informal report containing something like:
It is most likely the attack traffic is directed at one of the following endpoints:
account.sonyentertainmentnetwork.com
auth.np.ac.playstation.net
auth.api.sonyentertainmentnetwork.com
auth.api.np.ac.playstation.net
I was just wondering how would somebody handle a request to exclude those IP addresses, b/c 2 attempts to get the affected netwrok gives:
# host account.sonyentertainmentnetwork.com
account.sonyentertainmentnetwork.com is an alias for account.sonyentertainmentnetwork.com.edgekey.net.
account.sonyentertainmentnetwork.com.edgekey.net is an alias for e380.b.akamaiedge.net.
e380.b.akamaiedge.net has address 104.109.72.158
# whois 104.109.72.158 | grep CIDR
CIDR: 104.64.0.0/10
CIDR: 104.109.64.0/20
and at another system :
~/devel/wireshark $ host account.sonyentertainmentnetwork.com
account.sonyentertainmentnetwork.com is an alias for account.sonyentertainmentnetwork.com.edgekey.net.
account.sonyentertainmentnetwork.com.edgekey.net is an alias for e380.b.akamaiedge.net.
e380.b.akamaiedge.net has address 184.24.193.168
$ whois 184.24.193.168 | grep CIDR
CIDR: 184.24.0.0/13
CIDR: 184.24.192.0/20
- --
Toralf
PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iF4EAREIAAYFAleqBwUACgkQxOrN3gB26U7YXQD+PHgO8nVRo01abzdu1P7zC6TZ
gDMkb+L51zt/k7hBJOsA/0czdSd8p8AnINKx+FP2Gi5ZSjVzzBuUM9o+htw5BdIX
=Tz+I
-----END PGP SIGNATURE-----
More information about the tor-relays
mailing list