Hacking TitleDB.com - Update Blocking DNS Servers

[ksanislo]

I'm performing some maintenance on the DNS servers. In the interest of safety I'll be blocking all DNS queries until finished from one server at a time, so they can't accidentally leak unfiltered responses. They are expected to be down only a few minutes each.

update: Maintenance has been concluded. The backend has been changed from bind9 to powerdns, since pdns provides a mechanism that will help prevent being used as a DDoS relay, and I'd rather prefer not dealing with that sort of thing.

 

[Phemeto]

Thank you keep up with this, since the recent attacks against the other

 

[ksanislo]

Thank you keep up with this, since the recent attacks against the other

These should remain up for the foreseeable future. I'd actually attempted to warn the operator of the DNS-U setup about his vulnerability of becoming a DDoS amplifier, but he apparently wasn't interested in fixing it.

 

[Ninja_Carver]

that's kind of a big assumption. i did try several iptables entries to defeat the attack but none worked.

 

[ksanislo]

that's kind of a big assumption. i did try several iptables entries to defeat the attack but none worked.

You can't block the "source" addresses of a UDP based DNS amplification attack because that's a forged address of the DDoS target. You must utilize something such as PowerDNS's any-to-tcp option which returns a 'truncated' result to any UDP ANY query, requiring the client to switch to TCP which can't be forged in order to perform a query for ANY type records.

 

[Ninja_Carver]

You can't block the "source" addresses of a UDP based DNS amplification attack because that's a forged address of the DDoS target. You must utilize something such as PowerDNS's any-to-tcp option which returns a 'truncated' result to any UDP ANY query, requiring the client to switch to TCP which can't be forged in order to perform a query for ANY type records.

i'm familiar with how an amplification attack works and didn't say i was trying to block the source addresses.. christ you make a lot of generalizations. anyways, its not really worth the effort of rebuilding the server with powerdns. cheers.

 

[ksanislo]

i'm familiar with how an amplification attack works and didn't say i was trying to block the source addresses.. christ you make a lot of generalizations. anyways, its not really worth the effort of rebuilding the server with powerdns. cheers.

I apologize if I came off as rude, and you're right that I made some possibly incorrect assumptions as to how your system was configured. Thank you for your support of the community with your service. If you do decide you wish to continue DNS-U with pdns later on, I'm sure people would be grateful for more options.

 

[DarkFlare69]

thanks for this, hopefully no one abuses it like they did with DNS-U.

 

[shinobita]

thanks a million @ksanislo

 

[adittya]

is this dns still work? i cant connect to internet today

 

[Deleted User]

is this dns still work? i cant connect to internet today

I'm typing this from a Wii U so, yeah. It still works.

 

[adittya]

I'm typing this from a Wii U so, yeah. It still works.

well the problem is my wii u then. thanks for the info

can somebody help me with the problem?

 

[Deleted User]

well the problem is my wii u then. thanks for the info

can somebody help me with the problem?

Yeah, what problem are you having?

 

[adittya]

Yeah, what problem are you having?

i cant connect to internet with the dns. but with auto dns i can connect without problem. without internet i cant open hbl
i already reset router, try another router, try with another connection, reset wii u couple times the result are the same

 

[ksanislo]

Doing some maintenance on these DNS servers today. I'll be blocking them off from public access while working, to make sure I don't accidentally leak valid results out and let someone's console update unexpectedly. As long as you have BOTH of mine configured, you shouldn't see an impact. Anybody who still has one of the dead, alternate services (tubehax, dns-u) on their system will probably lose internet briefly.

 

[ksanislo]

Doing some maintenance on these DNS servers today. I'll be blocking them off from public access while working, to make sure I don't accidentally leak valid results out and let someone's console update unexpectedly. As long as you have BOTH of mine configured, you shouldn't see an impact. Anybody who still has one of the dead, alternate services (tubehax, dns-u) on their system will probably lose internet briefly.

Maintenance has been concluded. Services are back up and running as expected on both systems.

 

[Xerkies]

Two of the TitleDB.com nameservers have been configured to block updates for the Wii U and allow open use from the internet.

Los Angeles, USA: 168.235.092.108
Alblasserdam, NL: 081.004.127.020

These should be stable and aren't going to be discontinued any time soon, so they should be solid choices to use on your system. Set the one nearest to you as your primary, and use the other as secondary.

The following domains are currently filtered:
nus.c.shop.nintendowifi.net
nus.cdn.c.shop.nintendowifi.net
nus.cdn.shop.wii.com
nus.cdn.wup.shop.nintendo.net
nus.wup.shop.nintendo.net
c.shop.nintendowifi.net
cbvc.cdn.nintendo.net
cbvc.nintendo.net

This list is subject to change without notice, and is a free service offered to the community. I make no guarantee to the quality or suitability of this service for anything whatsoever.

Now my internet doesn't work. It did work before but now it doesn't

 

[AmandaRose]

Now my internet doesn't work. It did work before but now it doesn't

Well something is wrong at your end as I use those blockers and can access the Internet with zero problems.

 

[Abbas_Zaini]

Are they down again? Because I had an unexpected update download that I somehow noticed and powered off to prevent.

 

[SomeGamer]

Are they down again? Because I had an unexpected update download that I somehow noticed and powered off to prevent.

It they're down, your Wii U can't do any DNS resolutions -> no internet at all.