Hacking DNS Server Blocks Nintendo Addresses
- Thread starter Ninja_Carver
- Start date
- Views 7,518
- Replies 28
- Likes 4
no it blocks everything nintendo related apparantly. but once i have somebody else confirm how to set this up. ill post back and let you no for deffinate
guise, I don't have a WiiU. This DNS server blocks WHAT I BELIEVE is all Nintendo content. I don't expect you will be able to use the eShop. But I see several people are already using the server. Maybe they can chime in and report their results.
Put the address on the first post as Primary DNS, ignore the Secondary, and there won't be access to online play, be it directly playing with others as in Mario Kart 8 or the weird thing from Hyrule Warriors, eShop, Miiverse, uPlay... nothing at all, you get an error immediately after choosing that option. The only thing that seems to work is the Internet Browser.
By blocking the six entries in Bug_Checker_'s post in your router you can still play online but don't have access to eShop but everything else works. I currently have a notification that there's a system update that couldn't be downloaded, with a red X on it using this and not the server. I only know how to do it on a DD-WRT router.
I have this under commands running at startup:
I dunno how this affects the 3DS, though I'd like to know what to block with such precission as in that post.
EDIT: Blocking those doesn't seem to work anymore. Just editing this out for future references.
By blocking the six entries in Bug_Checker_'s post in your router you can still play online but don't have access to eShop but everything else works. I currently have a notification that there's a system update that couldn't be downloaded, with a red X on it using this and not the server. I only know how to do it on a DD-WRT router.
I have this under commands running at startup:
Code:
iptables -I FORWARD -d nus.cdn.wup.shop.nintendo.net -j DROP
iptables -I FORWARD -d nus.wup.shop.nintendo.net -j DROP
iptables -I FORWARD -d 23.65.181.75 -j DROP
iptables -I FORWARD -d 96.17.161.145 -j DROP
iptables -I FORWARD -d 184.50.229.158 -j DROP
iptables -I FORWARD -d 184.50.229.137 -j DROPI dunno how this affects the 3DS, though I'd like to know what to block with such precission as in that post.
EDIT: Blocking those doesn't seem to work anymore. Just editing this out for future references.
This is good info. I'd like to hear from Bug_Checker how he came up with the IP's to block (not the DNS hostnames). The issue with DNS is that it's purpose is to resolve name's to IP's. So in order to adequately block those IP's I'd need to know what the hosts were before they were resolved to IP's. Hopefully that makes some sense...
What i essentially did, was create a few fake zones on this DNS server, 'nintendo.net' 'nintendowifi.net' and 'akamaitechnologies.com'.
As of today, here are all of the DNS queries that have come through my DNS server. This forum is the only place I've posted the IP, so I assume this is only traffic from WiiU's. What we need to do is identify the particular hosts that the WiiU is querying for updates, and block those only.
Code:
(0-edge-chat.facebook.com):
(1-edge-chat.facebook.com):
(3-edge-chat.facebook.com):
(7f0d03ab.openresolverproject.org):
(a184-50-227-137.deploy.static.akamaitechnologies.com):
(a184-50-229-158.deploy.static.akamaitechnologies.com):
(a96-17-161-145.deploy.akamaitechnologies.com):
(aax.amazon-adsystem.com):
(about):
(account.nintendo.net):
(accounts.google.com):
(accounts.google.fr):
(accounts.youtube.com):
(ad.doubleclick.net):
(adserver.exoticads.com):
(ads.yahoo.com):
(api-eu.olv.nintendo.net):
(api.flattr.com):
(apis.google.com):
(api.soundcloud.com):
(api-v2.soundcloud.com):
(as.casalemedia.com):
(a-v2.sndcdn.com):
(bcp.crwdcntrl.net):
(bid.g.doubleclick.net):
(books.google.it):
(button.flattr.com):
(c.amazon-adsystem.com):
(c.betrad.com):
(cbphotovideo.s3.amazonaws.com):
(cbsi.demdex.net):
(ccs.c.shop.nintendowifi.net):
(cdm.cursecdn.com):
(cdn02.nintendo-europe.com):
(cdn.content.exoticads.com):
(cdn.syndication.twitter.com):
(cfg-loader-mod.googlecode.com):
(cgi2.nintendo.co.jp):
(chaturbate.com):
(clients1.google.com):
(clients1.google.fi):
(clients1.google.fr):
(clients1.google.it):
(cm.g.doubleclick.net):
(com):
(conjurorthegame.com):
(connect.facebook.net):
(conntest.nintendowifi.net):
(csi.gstatic.com):
(cx.atdmt.com):
(d3rqsl5z8ym7ju.cloudfront.net):
(d7zqwa95stc72.cloudfront.net):
(d.adroll.com):
(db.gamefaqs.com):
(de.chaturbate.com):
(defcon.org):
(developers.pinterest.com):
(dhrt.e24a4436.wc.syssec-research.mmci.uni-saarland.de):
(dl.dropboxusercontent.com):
(dnsscan.shadowserver.org):
(docs.google.com):
(drive.google.com):
(dw.cbsi.com):
(ecs.c.shop.nintendowifi.net):
(ecs.wup.shop.nintendo.net):
(edge.quantserve.com):
(encrypted-tbn0.gstatic.com):
(encrypted-tbn1.gstatic.com):
(encrypted-tbn3.gstatic.com):
(eventlogger.soundcloud.com):
(facebook.com):
(farm8.staticflickr.com):
(farm9.staticflickr.com):
(fbcdn-dragon-a.akamaihd.net):
(fbcdn-photos-f-a.akamaihd.net):
(fbcdn-profile-a.akamaihd.net):
(fbcdn-sphotos-a-a.akamaihd.net):
(fbcdn-sphotos-b-a.akamaihd.net):
(fbcdn-sphotos-c-a.akamaihd.net):
(fbcdn-sphotos-d-a.akamaihd.net):
(fbcdn-sphotos-e-a.akamaihd.net):
(fbcdn-sphotos-f-a.akamaihd.net):
(fbcdn-sphotos-g-a.akamaihd.net):
(fbcdn-sphotos-h-a.akamaihd.net):
(fbcdn-vthumb-a.akamaihd.net):
(fbexternal-a.akamaihd.net):
(fbstatic-a.akamaihd.net):
(feed43.com):
(filetrip.net):
(flattr.com):
(fonts.adobe.com):
(fonts.googleapis.com):
(fonts.gstatic.com):
(fpdownload.macromedia.com):
(fuck.app.nintendowifi.net):
(g2.symcb.com):
(gbatemp.net):
(g.engagelab.com):
(geo2.adobe.com):
(geoservice.curse.com):
(get3.adobe.com):
(get.adobe.com):
(gn.symcd.com):
(go.gateway-3ds.com):
(googleads.g.doubleclick.net):
(graph.facebook.com):
(g.symcd.com):
(gtssl2-ocsp.geotrust.com):
(gu.symcd.com):
(gv.symcd.com):
(hackmii.com):
(hbc.hackmii.com):
(i1338.photobucket.com):
(i1.sndcdn.com):
(i1.ytimg.com):
(i33.photobucket.com):
(i46.photobucket.com):
(i57.tinypic.com):
(i58.tinypic.com):
(i59.tinypic.com):
(i60.tinypic.com):
(i62.tinypic.com):
(ib.adnxs.com):
(i.imgur.com):
(images.dmca.com):
(images.google.com):
(imageshack.com):
(imagizer.imageshack.us):
(img.youtube.com):
(i.nintendo.net):
(it.chaturbate.com):
(it-it.facebook.com):
(it.pinterest.com):
(i.w55c.net):
(i.ytimg.com):
(jobs.nintendo.de):
(js.indexww.com):
(js.revsci.net):
(l.betrad.com):
(lh3.googleusercontent.com):
(lh4.googleusercontent.com):
(lh5.googleusercontent.com):
(lh6.googleusercontent.com):
(l-npns.app.nintendo.net):
(mail.google.com):
(maps.google.fi):
(maps.google.fr):
(maps.google.it):
(microsite.nintendo-europe.com):
(miiverse.nintendo.net):
(m.neogaf.com):
(ms.nintendo-europe.com):
(nasc.nintendowifi.net):
(news.google.it):
(ninja.wup.shop.nintendo.net):
(nncs1.app.nintendowifi.net):
(nncs2.app.nintendowifi.net):
(nos.nintendo-europe.com):
(nppl.app.nintendo.net):
(nppl.c.app.nintendowifi.net):
(nus.cdn.c.shop.nintendowifi.net):
(nus.c.shop.nintendowifi.net):
(nus.wup.shop.nintendo.net):
(oauth.googleusercontent.com):
(ocsp2.globalsign.com):
(ocsp.digicert.com):
(ocsp.geotrust.com):
(ocsp.globalsign.com):
(ocsp.godaddy.com):
(ocsp.omniroot.com):
(ocsp.starfieldtech.com):
(ocsp.thawte.com):
(ocsp.verisign.com):
(origin11.stream.highwebmedia.com):
(origin12.stream.highwebmedia.com):
(origin13.stream.highwebmedia.com):
(origin14.stream.highwebmedia.com):
(origin15.stream.highwebmedia.com):
(origin16.stream.highwebmedia.com):
(origin2.stream.highwebmedia.com):
(origin3.stream.highwebmedia.com):
(origin5.stream.highwebmedia.com):
(origin7.stream.highwebmedia.com):
(ox-d.adobe.com):
(ox-d.curse.servedbyopenx.com):
(p4-dqyohtrkwtr4e-5mmwre4hsg4qsgdm-551121-i1-v6exp3-v4.metric.gstatic.com):
(p4-dqyohtrkwtr4e-5mmwre4hsg4qsgdm-551121-i2-v6exp3-ds.metric.gstatic.com):
(p4-dqyohtrkwtr4e-5mmwre4hsg4qsgdm-551121-s1-v6exp3-v4.metric.gstatic.com):
(p4-dqyohtrkwtr4e-5mmwre4hsg4qsgdm-if-v6exp3-v4.metric.gstatic.com):
(p4-g456vqnaoooge-yfntoqf2c5nvpveb-601312-i1-v6exp3-ds.metric.gstatic.com):
(p4-g456vqnaoooge-yfntoqf2c5nvpveb-601312-i2-v6exp3-v4.metric.gstatic.com):
(p4-g456vqnaoooge-yfntoqf2c5nvpveb-if-v6exp3-v4.metric.gstatic.com):
(pagead2.googlesyndication.com):
(partner.googleadservices.com):
(pix04.revsci.net):
(pixel.facebook.com):
(pixel.quantserve.com):
(platform.twitter.com):
(play.google.com):
(plus.google.com):
(p.nintendo.net):
(p.rfihub.com):
(promoted.soundcloud.com):
(p.typekit.net):
(pubads.g.doubleclick.net):
(pushmore.wup.shop.nintendo.net):
(r2---sn-fpoq-hm2l.googlevideo.com):
(rp.gwallet.com):
(s0.2mdn.net):
(s10.flagcounter.com):
(s1.2mdn.net):
(s.adroll.com):
(sb.scorecardresearch.com):
(scontent-a-mxp.xx.fbcdn.net):
(scontent-b-mxp.xx.fbcdn.net):
(sd.symcd.com):
(secure.adnxs.com):
(secure.gravatar.com):
(secure.quantserve.com):
(se.symcd.com):
(shoptemp.net):
(s-media-cache-ak0.pinimg.com):
(snes9x-gx.googlecode.com):
(soundcloud.com):
(s-passets-cache-ak0.pinimg.com):
(ssl-ccstatic.highwebmedia.com):
(ssl-cdn.highwebmedia.com):
(ssl.google-analytics.com):
(ssl.gstatic.com):
(s-static.ak.facebook.com):
(stars.nintendo-europe.com):
(static2.flattr.net):
(static3.flattr.net):
(static4.flattr.net):
(static.ak.facebook.com):
(static.gamefaqs.com):
(stats.adobe.com):
(stats.g.doubleclick.net):
(store1.adobe.com):
(store.nintendo.co.uk):
(sync.tidaltv.com):
(syndication.twitter.com):
(s.youtube.com):
(s.ytimg.com):
(t0.gstatic.com):
(t1.gstatic.com):
(t2.gstatic.com):
(t3.gstatic.com):
(tagaya.wup.shop.nintendo.net):
(tags.bkrtx.com):
(tpc.googlesyndication.com):
(translate.google.fi):
(translate.google.fr):
(translate.google.it):
(twitter.com):
(um.simpli.fi):
(u.openx.net):
(us-u.openx.net):
(va.sndcdn.com):
(vassg141.ocsp.omniroot.com):
(version.bind):
(VERSION.BIND):
(video.google.it):
(vlch.net):
(webmetrics.nintendo-europe.com):
(wiiubrew.org):
(wiki.gbatemp.net):
(wis.sndcdn.com):
(www.adobe.com):
(www.adobetag.com):
(www.baidu.com):
(www.blogger.com):
(www.camfolk.info):
(www.codemii.com):
(www.exroxy.com):
(www.facebook.com):
(www.freeproxy.ru):
(www.gamefaqs.com):
(www.gc-forever.com):
(www.googleadservices.com):
(www.google-analytics.com):
(www.google.com):
(www.google.com.dnstest.nys.nyenet):
(www.google.fi):
(www.google.fr):
(www.google.it):
(www.googletagmanager.com):
(www.googletagservices.com):
(www.gravatar.com):
(www.gstatic.com):
(wwwimages2.adobe.com):
(wwwimages.adobe.com):
(www.mediawiki.org):
(www.nds-card.com):
(www.neogaf.com):
(www.nintendo.at):
(www.nintendo.be):
(www.nintendo.ch):
(www.nintendo.co.jp):
(www.nintendo.com):
(www.nintendo.co.uk):
(www.nintendo.co.za):
(www.nintendo.de):
(www.nintendo.es):
(www.nintendo-europe.com):
(www.nintendo.fr):
(www.nintendo.it):
(www.nintendokidsclub.co.uk):
(www.nintendolandia.it):
(www.nintendo.nl):
(www.nintendo.pt):
(www.nintendo.ru):
(www.phpbb.com):
(www.pinterest.com):
(www.pokemon.com):
(www.pokemonrubysapphire.com):
(www.proxy4free.com):
(www.proxylists.net):
(www.proxysolutions.net):
(www.proxywiki.org):
(www.proxz.com):
(www.speedtest.net):
(www.stsoftware.biz):
(www.thommysplace.com):
(www.twitter-button.net):
(www.twitter.com):
(www.xroxy.com):
(www.youtube.com):
(www.youtube-nocookie.com):
(xenforo.com):I received an e-mail at 5:30 this morning from Amazon Web Services stating that there have been reports of my box being part of a DDoS (Distributed Denial of Service) attack.
The email reads as follows:
After investigating, it appears that because my DNS server was an open resolver (available to the public), it was picked up by a subnet scan and used in a DNS Amplification attack against various websites. The resulting traffic from the above attack has also resulted in charges to my AWS account to the tune of $252. Needless to say, this project is terminated. Thanks
The email reads as follows:
Code:
Hello,
You have outstanding abuse reports against your EC2 instance(s) and we are notifying you that we have investigated and observed abuse activity. Please take corrective measures as soon as possible and notify us that you have done so. Your response is required and failure to respond within 48 hours may result in the isolation of your instance(s).
Please contact us at at [email protected] to notify us of your corrective actions, or if you believe that these findings are in error.
Instance ID: xxxxxxxxxx
Reason: DoS
If you are unaware of the source of the reported abuse, your instance(s) were most likely compromised by an external attacker. If you were compromised by an external attacker the best recourse is to back up your data, migrate your applications to a new instance, and terminate the old one.
Please be aware: According to the terms of the Web Services License Agreement (http://aws.amazon.com/agreement/), if your instance(s) continue abusive behavior in violation of the Acceptable Use Policy (http://aws.amazon.com/aup/), your instances and account may be subject to termination.
Please remember that you are responsible for ensuring that your instances and all applications are properly secured. For more information on security best practices please review the following resources:
Tips for Securing Your EC2 Instance:
http://aws.amazon.com/articles/Amazon-EC2/1233
Security Best Practices:
http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
AWS Security Center:
http://aws.amazon.com/security
Thank you,
The EC2 Abuse Team
________________________________________
Ouch, see what happens when you try to be generous and/or give out any information? It is simple; block mac addresses. I have my phone and computer for anything else and really don't need anything online from the Wii U at this time. There are pages where people can find out how to block MANY Nintendo functions. With custom router firmware (DDWRT?) I literally went to one part and copy/pasted the firewall settings. Somebody could probably dig further into that.
Similar threads
-
BakerMan
I rather enjoy a life of taking it easy. I haven't reached that life yet though. -
BigOnYa
-
AncientBoi
-
@
BakerMan:
i just want a wizard to stick his wand (whether literal or figurative is up to interpretation, either way it's either freaky or sus, or both i guess) up my ass
-
@
BigOnYa:
I'm making Texas sheet cake for first time today, my Nieghbor brought us some few weeks ago and damn that's good, so I got her recipe and gonna try it today.
-
-
-
@
BigOnYa:
I tried making chocolate lava cakes the other day in cupcake pan, what a mess, my lava exploded out of the cakes everywhere while baking, was still ok tho, just no lava inside.
-
@
BigOnYa:
We had our grandkids over yesterday and I got a small above ground swimming pool I filled for them to play in. Well today I woke to find 3 ducks swimming around in it. Don't mind really but they are annoyingly loud, quack quack. Gotta drain it today. Guess what were having for dinner, lol.+1
-
-
-
-
-
-
-
-
@
BigOnYa:
I used butter instead of vegetable oil, and think that's why they squirted out during baking, who knows
-
-
@
BakerMan:
plus if you're making brownies or lava cakes for people with dairy allergies, you should use oil instead of butter anyway+2
-
-
@
BigOnYa:
I make rum cake for 4th July every year, I make it a week prior and then soak it in rum in the fridge all week. I flip the cake each day, and add little more rum, it soaks it up everyday, so good.+2
-
@
BakerMan:
sorry, idk what you mean by a space cake, and even if i did, i'm not really taking requests right now, because otherwise people will get mad at me for taking a request but not making a birthday cake for @Xdqwerty (i'm sorry for that btw bro)
-
-
-
-
@
BigOnYa:
Me and wifey was deciding on our next vacation, so I hung up a map on the wall, and give her a dart and said, wherever you hit, we will go. She threw the dart and it missed the map completely and fell into a trash can below on floor. So I said "ok Florida it is."
-
-
Science Project?
