HomeSearchPrevious dayNext day

00:47:40n9nes quits [Ping timeout: 250 seconds]
00:47:48n9nes joins
00:52:26n9nes quits [Ping timeout: 250 seconds]
01:08:23n9nes joins
02:29:47Krownest1 (Krownest) joins
02:33:58Krownest quits [Ping timeout: 258 seconds]
03:17:53qw3rty__ joins
03:21:30qw3rty_ quits [Ping timeout: 258 seconds]
04:00:00treora quits [Quit: blub blub.]
04:01:17treora joins
07:34:30HackMii quits [Ping timeout: 258 seconds]
07:34:54HackMii (hacktheplanet) joins
09:11:43mutantmnky quits [Remote host closed the connection]
09:18:03mutantmnky (mutantmonkey) joins
09:43:18ragu quits [Ping timeout: 258 seconds]
13:47:47VerifiedJ quits [Quit: The Lounge - https://thelounge.chat]
13:48:38VerifiedJ (VerifiedJ) joins
15:31:38x9fff00 quits [Remote host closed the connection]
18:30:43AccessViolation joins
18:32:54<AccessViolation>Hey there. In the Netherlands, many ISPs were ordered by court to block thepiratebay.org and other hosts hosting The Pirate Bay. This is the only censored website in the Netherlands. Can I safely use the Warrior for urlteam? If it only captures the link they point to then it should be fine, but if it also captures the page content of the URL they
18:32:55<AccessViolation>point to then that would be a problem.
19:07:59<@JAA>AccessViolation: It won't be a problem with URLTeam. This project only grabs the shortener.
19:08:25<AccessViolation>Okay, thanks
19:35:03x9fff00 (x9fff00) joins
19:35:15<h3ndr1k>Can't these blocks be circumvented by using your own resolver like unbound? Only when they order cloudflare to drop the domain would be bad.
19:36:41<AccessViolation>I'm not sure. I don't think it works on a DNS level
19:37:17<AccessViolation>using DNS over HTTPS for example does not circumvent it
19:38:22<AccessViolation>Actually, let me try to make sure
19:38:40<AccessViolation>I vaguely remember trying it before
19:39:57<@JAA>That's generally true when the ISPs implement the absolute minimum of a block. But I believe there are MITMs and IP bans as well.
19:40:11<AccessViolation>Yup, 403 forbidden error. But no block page, at least
19:40:12<@JAA>Depends strongly on the jurisdiction, obviously.
19:40:50<h3ndr1k>can you "dig A thepiratebay.org; dig A thepiratebay.org @sevki.ns.cloudflare.com."? I'm curious how its done.
19:41:13<AccessViolation>The site worked fine in Tor
19:41:19<AccessViolation>Sure, I'll try that
19:41:33<h3ndr1k>tor will probably depend on your exit
19:42:39<AccessViolation>https://paste.gg/p/AccessViolation_/4de33d2938fb4015b0078b5b57ba6a37
19:43:35<AccessViolation>uhh wait, let me get you the second output as well
19:44:29<h3ndr1k>I'm seeing this, but I'm in Germany
19:44:29<h3ndr1k>thepiratebay.org. 300 IN A 162.159.136.6
19:44:29<h3ndr1k>thepiratebay.org. 300 IN A 162.159.137.6
19:44:51<@JAA>^ Same from CH with a recursive resolver.
19:44:55<AccessViolation>Done, check the same link again
19:44:57<h3ndr1k>60s ttl seems fishy
19:46:03<h3ndr1k>195.121.82.125 is Pops travelnet NL-PI-POPS-TRAVELNET. Is that your ISP?
19:46:17<AccessViolation>Check this out as well, this was a measurement I tool with OONI Probe https://explorer.ooni.org/measurement/20210427T121708Z_webconnectivity_NL_1136_n1_CWNRD7HXQbkYz9Jo?input=http%3A%2F%2Fthepiratebay.org%2F
19:46:25<AccessViolation>My ISP is KPN
19:48:34<h3ndr1k>Oh yeah it says KPN too. whois is confusing.
19:48:57<h3ndr1k>That OONI looks cool, did not know that before.
19:49:47<AccessViolation>Yeah. They're the Open Observatory for Network Interference. You can download they app and run it, and it'll create a public report
19:50:04<AccessViolation>It's really neat. I think it's run by the Tor Project
19:50:23<h3ndr1k>It can probably be circumvented with your own resolver then or even google's.
19:51:32<AccessViolation>Like I said, it also does something else. I set my DNS to a DoH provider and got no block page this time, but a "404 Forbidden" error"
19:51:56<AccessViolation>It's quite interesting, but I'm not sure if that can be circumvented without a proxy
19:53:35<h3ndr1k>Your dig @cloudflare resolved to the correct addresses, though. Can you run "dig NS thepiratebay.org"? Maybe they change the NS records, which might stop custom resolvers?
19:53:56<h3ndr1k>Just port the answer portion. Don't need a pastebin
19:56:48<AccessViolation>This part? flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
20:00:31<h3ndr1k>Where is says ";; ANSWER SECTION:", maybe its in the authority or additional section too.
20:01:29<AccessViolation>I see neither of those three sections
20:02:14<h3ndr1k>hm just do a pastebin then :)
20:02:46<AccessViolation>https://paste.gg/p/AccessViolation_/b15d972a74a94b66a6012ea0226038b1
20:03:48<h3ndr1k>Oh, they actually block the NS records. That could stop unbound from working. I get this:
20:03:48<h3ndr1k>;; ANSWER SECTION:
20:03:48<h3ndr1k>thepiratebay.org. 5383 IN NS sevki.ns.cloudflare.com.
20:03:48<h3ndr1k>thepiratebay.org. 5383 IN NS deb.ns.cloudflare.com.
20:04:22<h3ndr1k>That says that these two cloudflare servers are responsible for the domain.
20:06:04<AccessViolation>Huh, so, is it preventing my request from reaching DNS servers in the first place? Did I get that right?
20:06:19<h3ndr1k>maybe
20:15:37<@JAA>`dig +trace thepiratebay.org` should reveal that.
20:16:14<@JAA>That's a full recursive resolution from the root, not querying your ISP DNS for the NS.
20:16:34<@JAA>So if they just block it on their DNS servers, it should work. If they MITM DNS traffic, welp...
20:23:56<h3ndr1k>don't seem to mitm any traffic. AV sent a dig against one of the .org servers and that resolves the ns records correctly.
20:26:02<AccessViolation>JAA, I get "connection timed out; no servers could be reached"
20:26:41<AccessViolation>I was expecting something more fancy :P
20:27:55<AccessViolation>Huh, I get that when I do it on example.com too. Must be something on my end
20:31:52<h3ndr1k>+trace does not work for me too.
20:32:08<h3ndr1k>Maybe we should not discuss this here :)
20:51:08<@JAA>Yeah, -ot material at this point.
23:07:34AccessViolation quits [Remote host closed the connection]

HomeSearchPrevious dayNext day