Hacking TitleDB.com - Update Blocking DNS Servers

ksanislo

Well-Known Member
OP
Member
Joined
Feb 23, 2016
Messages
386
Trophies
0
Location
Seattle, WA
XP
502
Country
United States
I'm performing some maintenance on the DNS servers. In the interest of safety I'll be blocking all DNS queries until finished from one server at a time, so they can't accidentally leak unfiltered responses. They are expected to be down only a few minutes each.

update: Maintenance has been concluded. The backend has been changed from bind9 to powerdns, since pdns provides a mechanism that will help prevent being used as a DDoS relay, and I'd rather prefer not dealing with that sort of thing.
 
Last edited by ksanislo,

ksanislo

Well-Known Member
OP
Member
Joined
Feb 23, 2016
Messages
386
Trophies
0
Location
Seattle, WA
XP
502
Country
United States
Thank you keep up with this, since the recent attacks against the other
These should remain up for the foreseeable future. I'd actually attempted to warn the operator of the DNS-U setup about his vulnerability of becoming a DDoS amplifier, but he apparently wasn't interested in fixing it.
 

ksanislo

Well-Known Member
OP
Member
Joined
Feb 23, 2016
Messages
386
Trophies
0
Location
Seattle, WA
XP
502
Country
United States
that's kind of a big assumption. i did try several iptables entries to defeat the attack but none worked.
You can't block the "source" addresses of a UDP based DNS amplification attack because that's a forged address of the DDoS target. You must utilize something such as PowerDNS's any-to-tcp option which returns a 'truncated' result to any UDP ANY query, requiring the client to switch to TCP which can't be forged in order to perform a query for ANY type records.
 

Ninja_Carver

Well-Known Member
Member
Joined
Dec 27, 2012
Messages
364
Trophies
0
Age
39
XP
652
Country
United States
You can't block the "source" addresses of a UDP based DNS amplification attack because that's a forged address of the DDoS target. You must utilize something such as PowerDNS's any-to-tcp option which returns a 'truncated' result to any UDP ANY query, requiring the client to switch to TCP which can't be forged in order to perform a query for ANY type records.

i'm familiar with how an amplification attack works and didn't say i was trying to block the source addresses.. christ you make a lot of generalizations. anyways, its not really worth the effort of rebuilding the server with powerdns. cheers.
 

ksanislo

Well-Known Member
OP
Member
Joined
Feb 23, 2016
Messages
386
Trophies
0
Location
Seattle, WA
XP
502
Country
United States
i'm familiar with how an amplification attack works and didn't say i was trying to block the source addresses.. christ you make a lot of generalizations. anyways, its not really worth the effort of rebuilding the server with powerdns. cheers.

I apologize if I came off as rude, and you're right that I made some possibly incorrect assumptions as to how your system was configured. Thank you for your support of the community with your service. If you do decide you wish to continue DNS-U with pdns later on, I'm sure people would be grateful for more options.
 

adittya

Member
Newcomer
Joined
Apr 9, 2017
Messages
7
Trophies
0
Age
32
XP
42
Country
Indonesia
Yeah, what problem are you having?

i cant connect to internet with the dns. but with auto dns i can connect without problem. without internet i cant open hbl
i already reset router, try another router, try with another connection, reset wii u couple times the result are the same
 
Last edited by adittya,

ksanislo

Well-Known Member
OP
Member
Joined
Feb 23, 2016
Messages
386
Trophies
0
Location
Seattle, WA
XP
502
Country
United States
Doing some maintenance on these DNS servers today. I'll be blocking them off from public access while working, to make sure I don't accidentally leak valid results out and let someone's console update unexpectedly. As long as you have BOTH of mine configured, you shouldn't see an impact. Anybody who still has one of the dead, alternate services (tubehax, dns-u) on their system will probably lose internet briefly.
 

ksanislo

Well-Known Member
OP
Member
Joined
Feb 23, 2016
Messages
386
Trophies
0
Location
Seattle, WA
XP
502
Country
United States
Doing some maintenance on these DNS servers today. I'll be blocking them off from public access while working, to make sure I don't accidentally leak valid results out and let someone's console update unexpectedly. As long as you have BOTH of mine configured, you shouldn't see an impact. Anybody who still has one of the dead, alternate services (tubehax, dns-u) on their system will probably lose internet briefly.

Maintenance has been concluded. Services are back up and running as expected on both systems.
 
  • Like
Reactions: Deleted User

Xerkies

Active Member
Newcomer
Joined
Dec 14, 2016
Messages
29
Trophies
0
Age
28
XP
108
Country
United States
Two of the TitleDB.com nameservers have been configured to block updates for the Wii U and allow open use from the internet.

Los Angeles, USA: 168.235.092.108
Alblasserdam, NL: 081.004.127.020


These should be stable and aren't going to be discontinued any time soon, so they should be solid choices to use on your system. Set the one nearest to you as your primary, and use the other as secondary.

The following domains are currently filtered:
nus.c.shop.nintendowifi.net
nus.cdn.c.shop.nintendowifi.net
nus.cdn.shop.wii.com
nus.cdn.wup.shop.nintendo.net
nus.wup.shop.nintendo.net
c.shop.nintendowifi.net
cbvc.cdn.nintendo.net
cbvc.nintendo.net

This list is subject to change without notice, and is a free service offered to the community. I make no guarantee to the quality or suitability of this service for anything whatsoever.
Now my internet doesn't work. It did work before but now it doesn't
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • Veho @ Veho:
    Just a couple of guys taking their manatee out for some fresh air, why you have to molest them?
  • Veho @ Veho:
    Stupid Chinese shop switched their shipping company and this one is slooooooow.
  • LeoTCK @ LeoTCK:
    STOP BUYING CHINESE CRAP THEN
  • LeoTCK @ LeoTCK:
    SUPPORT LOCAL PRODUCTS, MAKE REVOLUTION
  • LeoTCK @ LeoTCK:
    THEY KEEP REMOVING LOCAL SHIt AND REPLACING WItH INFERIOR CHINESE CRAP
  • LeoTCK @ LeoTCK:
    THATS WHY MY PARTNER CANT GET A GOOTWEAR HIS SIZE ANYMORE
  • LeoTCK @ LeoTCK:
    HE HAS BIG FOOT AND BIG DUCK
  • LeoTCK @ LeoTCK:
    d*ck i mean*
  • LeoTCK @ LeoTCK:
    lol
  • Veho @ Veho:
    Mkay.
  • Veho @ Veho:
    I just ordered another package from China just to spite you.
  • SylverReZ @ SylverReZ:
    Communism lol
  • SylverReZ @ SylverReZ:
    OUR products
  • The Real Jdbye @ The Real Jdbye:
    @LeoTCK actually good quality products are dying out because they can't compete with dropshipped chinese crap
    +2
  • BakerMan @ BakerMan:
    @LeoTCK is your partner the sascrotch or smth?
  • Xdqwerty @ Xdqwerty:
    Good morning
  • Xdqwerty @ Xdqwerty:
    Out of nowhere I got several scars on my forearm and part of my arm and it really itches.
  • AdRoz78 @ AdRoz78:
    Hey, I bought a modchip today and it says "New 2040plus" in the top left corner. Is this a legit chip or was I scammed?
  • Veho @ Veho:
    @AdRoz78 start a thread and post a photo of the chip.
    +2
  • Xdqwerty @ Xdqwerty:
    Yawn
  • S @ salazarcosplay:
    and good morning everyone
    +1
  • K3Nv2 @ K3Nv2:
    @BakerMan, his partner is Luke
    K3Nv2 @ K3Nv2: @BakerMan, his partner is Luke