[HN Gopher] Engineer distributes resume via IPv6 traceroute
___________________________________________________________________
Engineer distributes resume via IPv6 traceroute
Author : fjarlq
Score : 414 points
Date : 2022-08-26 16:33 UTC (6 hours ago)
(HTM) web link (cv6.poinsignon.org)
(TXT) w3m dump (cv6.poinsignon.org)
| di wrote:
| Here's what it looks like: $ traceroute
| cv6.poinsignon.org traceroute to cv6.poinsignon.org
| (2001:bc8:3eff:c0::ff), 30 hops max, 80 byte packets 1
| gateway 0.795 ms 0.789 ms [...] 8 hello
| (2001:bc8:3eff:c0::1) 1.431 ms 1.202 ms 9
| My.name.is.Louis.Poinsignon (2001:bc8:3eff:c0::2) 1.649 ms
| 1.274 ms 10 I.am.a.network.and.systems.Engineer
| (2001:bc8:3eff:c0::3) 1.695 ms 2.090 ms 11
| This.is.my.resume.over.traceroute (2001:bc8:3eff:c0::4) 1.698 ms
| 1.793 ms 12 o---Experience---o (2001:bc8:3eff:c0:ee::)
| 1.829 ms 2.052 ms 13 2018.Cloudflare.NetworkEngineer.SF
| (2001:bc8:3eff:c0:ee::cf3) 2.261 ms 2.155 ms 14
| 2017.Cloudflare.NetworkEngineer.London (2001:bc8:3eff:c0:ee::cf2)
| 2.293 ms 1.284 ms 15
| 2016.Cloudflare.NetworkEngineer.Intern.SF
| (2001:bc8:3eff:c0:ee::cf1) 1.136 ms 1.205 ms 16
| 2015.CEA.SoftwareEngineer.Intern.France
| (2001:bc8:3eff:c0:ee::cea) 1.204 ms 1.226 ms 17 o---
| Education---o (2001:bc8:3eff:c0:ed::) 1.360 ms 1.607 ms
| 18 2015-2016.DrexelUni.Exchange.CE.Philadelphia
| (2001:bc8:3eff:c0:ed::1) 1.237 ms 1.312 ms 19
| 2011-2016.UTT.Master.CE.France (2001:bc8:3eff:c0:ed::2) 1.492 ms
| 1.604 ms 20 o---Skills---o (2001:bc8:3eff:c0:51::)
| 1.565 ms 1.418 ms 21 C.Java.Python.Golang
| (2001:bc8:3eff:c0:51::1) 1.364 ms 1.536 ms 22
| Net.Linux.Automation (2001:bc8:3eff:c0:51::2) 1.381 ms 1.266 ms
| 23 Statistics.Maths.Photoshop (2001:bc8:3eff:c0:51::3) 1.504 ms
| 1.431 ms 24 o---Various---o (2001:bc8:3eff:c0:7a::)
| 1.461 ms 1.519 ms 25 Swimming.and.karate
| (2001:bc8:3eff:c0:7a::1) 1.378 ms 1.473 ms 26 Piano
| (2001:bc8:3eff:c0:7a::2) 1.552 ms 1.683 ms 27 o---
| Contact---o (2001:bc8:3eff:c0:c0::) 1.551 ms 1.486 ms
| 28 mail.jobs.at.poinsignon.org (2001:bc8:3eff:c0:c0::1) 1.576
| ms 1.473 ms
| petalmind wrote:
| I think that many HRs would be suspicious about somebody who
| worked at each job for 2.261 ms.
| fragmede wrote:
| It's contracting work, so the short duration makes sense!
| a-dub wrote:
| i love how the low bits of the addresses in hex are cognates
| for both the section and the actual content of the name/line.
|
| also, looking glasses... jeez. i haven't heard or thought of
| those in _years_.
| psydvl wrote:
| Why have you traceroute ip instead of domain?
| internet_user wrote:
| you could have multiple IPs attached to a domain which could
| mess up this trick.
|
| I also wonder why not use use the domain, much easier.
| qHss6ID2JSztUgr wrote:
| > Host mail.jobs.at.poinsignon.org not found: 3(NXDOMAIN)
|
| (A bit of a missed opportunity; the author should really set
| a AAAA record there IMHO)
|
| There's no _actual_ requirement that your PTR records resolve
| back to the same IP. Historically very little software
| bothered to check, and most of the Unix-y diagnostic software
| has never been updated to do so...
| josteink wrote:
| > Historically very little software bothered to check
|
| For some reason, most IRC servers tend to do this.
| di wrote:
| Bad copy/paste
| Exuma wrote:
| So is that mail.jobs@ or mail+jobs@... or jobs@
|
| A total flop on the last line
| FabHK wrote:
| Not really. From the lines above one can deduce that the dot
| represents space or colon, for obvious technical reasons. As
| such, I'd interpret
| mail.jobs.at.poinsignon.org
|
| as mail: jobs@poinsignon.org
| munk-a wrote:
| I still think it's mail.jobs@ - so I'd hope the engineer
| set up collection on both addresses.
|
| It'd probably be a lot safer to just have the line be
| "jobs.at.[...]"
|
| Edited to add: Oh also - from the same line you can infer
| that a dot means a dot - the ".org" at the end confuses the
| meaning. Perhaps it'd be clearer if they went 100% slashdot
| and had ".DOT.org"
| Exuma wrote:
| Yes really, you can see even in the other replies the
| interpretations are not 100% clear.
|
| It took me a minute to realize it wasnt some form of
| "mail+jobs" or "mail.jobs". It wasnt until I wrote the last
| line of my comment that it was "mail jobs@"
| readthenotes1 wrote:
| I bet if he can do this trace route thing, he can get all
| those emails going to his own domain regardless of who they
| are addressed to
| Exuma wrote:
| I would presume a better way would be to not make people
| feel unsure of what it is, and just pick something thats
| super clear.
| amenod wrote:
| Or it's a filter. No need to send anything if you are
| unsure.
| Exuma wrote:
| I didn't realize that arbitrary interpretation of vague
| text was a criteria for a great employer
| [deleted]
| bkane521 wrote:
| My interpretation was mail: jobs@poinsignon.org
| randunel wrote:
| My interpretation would be mail+jobs@example.com, given
| that it's become the de facto standard, and
| mail@example.com looks like his main one.
| reaperducer wrote:
| Remember when they said we'd never run out of IPV6 addresses?
|
| Good times.
| yjftsjthsd-h wrote:
| > Cloudflare.NetworkEngineer
|
| Ah, that explains a lot. Not that anyone else couldn't do such
| a thing, but I feel like even amongst more "hacker" types it
| takes a relatively specialized background to pull a trick like
| this (at least statistically; I'm sure there are outliers).
| DropKiwiFarms wrote:
| brightball wrote:
| Username checks out
| tyingq wrote:
| Not sure how he did it, but my first guess would be just a
| bunch of virtual interfaces on a linux box with
| a->b->c->d->e->etc routing, and something like the tc
| command[1] to add enough latency to each one that traceroute
| sees them all.
|
| If he's scripted it to do all the virtual nic creation and
| dns ptr entries, it would be interesting to see.
|
| [1] https://bencane.com/2012/07/16/tc-adding-simulated-
| network-l...
| JoachimSchipper wrote:
| traceroute(1) uses the IP Time-To-Live (TTL) field, not
| network latency. So just a bunch of virtual interfaces on a
| suitable *nix should be enough.
| tyingq wrote:
| Ah, right, hop count ceiling and decrement from each hop.
|
| Specifically timed latency might be fun to delineate
| sections for the viewer though.
| mrb wrote:
| Virtual interfaces aren't necessary, and would be overkill.
| All he needs on his server is to listen on a raw network
| socket, read the incoming packet's IP TTL value, then forge
| and send an ICMP "time exceeded" response with the source
| IP address set to a value that depends on the TTL. The
| entire thing could be done in 20-30 lines of Python.
|
| Next to that he set up a DNS server configured with PTR
| records that map these forged IP addresses to arbitrary
| hostnames of his choices.
| tyingq wrote:
| Sure, another way to do it, though the python would have
| to get the peer address, extract 64 bits of the incoming
| msg, table lookups of hop count -> forged address,
| decrement hop counts, etc. A shell script creating
| virtual interfaces and routing wouldn't likely be much
| longer than 20-30 lines either.
| mrb wrote:
| There is no need to do "table lookups of hop count" or to
| "decrement hop counts". The IP TTL value is just a field
| that can be read from the IP header, which is trivial
| since the Python would get the entire IP header from the
| raw socket. If you see a TTL=1 you send back the forged
| response as coming from $IP_1, if you see a TTL=2 you
| forge the response as coming from $IP_2, etc. The forged
| response can always contain the same default TTL.
| nitros wrote:
| For maximum 'performance' you can do it in-kernel with
| eBPF :^) https://github.com/simmsb/traceroute-spoof
| chatmasta wrote:
| It's because practical experience with technologies like BGP
| is difficult to acquire without sufficient capital to run a
| network. You can of course purchase a /24 and dabble (search
| HN for blog posts describing exactly that). And you can
| experiment with large deployments in simulators. But network
| optimization is inherently more of a practical pursuit than a
| theoretical one, so most broad and consistent learning
| opportunities are siloed to large organizations where you can
| accrue daily experience with the stack.
|
| This is really unfortunate, and I mostly blame Cisco and
| Juniper. They suffocated an entire academic discipline with
| obfuscated terminology driven more by their business models
| than anything resembling the OSI model or open standards.
| That's why WireGuard feels like such a breath of fresh air
| after 20 years of L2TP/IPSec.
|
| I applaud companies like Cloudflare and Fly.io for their
| openness in sharing techniques and open sourcing so much of
| their code. It goes a long way toward lowering the barriers
| to self-teaching and experimenting with the latest networking
| software. And I'm sure HR is happy about the increasingly
| large applicant pool of qualified networking engineers - even
| if some hires do eventually leave by advertising their resume
| to anyone who sends them an IPv6 trace-route :)
| xhrpost wrote:
| > search HN for blog posts describing exactly that
|
| Know any offhand? Search is a bit tough for a common number
| like 24. The concept sounds interesting
| chatmasta wrote:
| Oh wow you're right - and neither "autonomous system" nor
| "AS" are much better keywords! I think this post from
| 2017 [0] is the one I'm remembering, but I'm pretty sure
| I saw another one more recently and now I can't find it
| (edit: skitter found it! see sibling comment)
|
| "BGP" is a signal-yielding search [1]. And any post from
| benjojo's blog [2] is always a must-read.
|
| [0] https://news.ycombinator.com/item?id=15727115
|
| [1] https://hn.algolia.com/?dateRange=all&page=0&prefix=t
| rue&que...
|
| [2] https://news.ycombinator.com/from?site=benjojo.co.uk
| skitter wrote:
| A quick search turned up
| https://news.ycombinator.com/item?id=30178655
| 867-5309 wrote:
| it's ipv6 so a /120 would do!
| RF_Savage wrote:
| 44Net and hamnet are also interesting to those with radio
| amateur licenses. Many folks run their own AS an BGP in
| that range.
| lawrenceyan wrote:
| You can contribute to the Solana core tech team, with the
| incentive alignment of underlying token value as a partial
| backer!
|
| I think they're doing some really cool stuff on the network
| optimization level. As an example, Solana recently
| implemented QUIC in its latest release:
| https://github.com/solana-labs/solana/projects/74
| vlan0 wrote:
| Feels like we're a dying bread with everything cloud first
| and serverless.
| mhh__ wrote:
| There are always nerdy kids learning this stuff.
|
| Especially when the breed has "died"
| irrational wrote:
| Dying breed? Though dying bread sounds like an interesting
| metaphor.
| yjftsjthsd-h wrote:
| Eh, smaller slice of a bigger pie. Somebody has to make
| "the cloud" work so that everybody else doesn't have to
| worry about the underlying bits as much.
| prvit wrote:
| This is a very old and oft-repeated trick though.
|
| https://github.com/blechschmidt/fakeroute
|
| https://github.com/antifork/hopfake
|
| https://github.com/jprenken/rickroute
|
| https://github.com/sams-gleb/ipv4-traceroute-fake
|
| https://github.com/job/ipv6-traceroute-faker
|
| And so on...
|
| I remember being a 13yo kid sitting on IRC doing exactly this
| for fun years ago back when IP addresses were cheap and easy
| to come by. But spoofing military IPs in the traceroute was
| more fun.
| silentsea90 wrote:
| Believe it or not, you might have very specific interests
| :)
| water-your-self wrote:
| If a 13 year old was using irc regularly in 2022 I would
| be concerned for them. Not thata 13 year old shouldn't
| use irc but I would wonder how they found that
| destination, especially given the countless other sinks
| for internet denizens
| oars wrote:
| Thanks for sharing these links.
| avg_dev wrote:
| speaking as a software developer who has generally forgotten
| what little i know of routing, that is really cool
| silasdavis wrote:
| Oh noes you just doxxed their email address on the https
| munk-a wrote:
| It's probably more accurate to "Oh noes this HN post is going
| to get this guy a few dozen really lucrative job offers".
|
| Doxxing usually implies ill intent but having your personal
| information broadcast to HN is likely only to result in a few
| of the hiring managers that haunt here sending a cold offer.
| silasdavis wrote:
| Yes I thought so, as in you're quoted thing was exactly
| what I meant, sarcasm doesn't serialise well
| fragmede wrote:
| He must have added Apple at some point. Here's what I got
| (using _mtr_ ): 19. hello
| 0.0% 14 141.6 140.5 139.1 141.6 0.7 20.
| my.name.is.louis.poinsignon 0.0%
| 14 141.9 142.1 141.2 143.3 0.5 21.
| i.am.a.network.and.systems.engineer 0.0%
| 14 140.5 140.4 139.7 141.6 0.5 22.
| this.is.my.resume.over.traceroute 0.0%
| 14 140.5 140.4 140.0 141.5 0.5 23. o---experience---
| o 0.0% 14 139.9 140.4
| 139.4 141.4 0.5 24. 2021.apple.engineer.sf.usa
| 0.0% 14 140.7 140.5 139.8 141.2 0.4 25.
| 2018.cloudflare.engineer.sf.usa 0.0%
| 14 140.8 140.4 139.4 142.8 0.9 26.
| 2017.cloudflare.engineer.london.uk 0.0%
| 13 142.2 142.6 141.4 147.5 1.5 27.
| 2016.cloudflare.engineer.intern.sf.usa 0.0%
| 13 149.7 141.2 139.1 149.7 2.7 28. o---education---o
| 0.0% 13 142.1 142.1 141.3 144.1 0.7 29.
| 2015-2016.drexeluni.exchange.ce.philadelphia.usa 0.0%
| 13 140.9 140.3 139.5 141.3 0.5 30.
| 2011-2016.utt.master.ce.france 0.0%
| 13 143.1 142.3 140.8 143.3 0.7 31. o---skills---o
| 0.0% 13 140.3 140.9 139.7 146.0 1.6 32.
| golang.c.python 0.0%
| 13 142.2 142.4 141.1 146.0 1.2 33.
| networks.linux.automation.kafka.clickhouse.kubernetes 0.0%
| 13 139.6 140.5 139.3 142.2 0.8 34. statistics.maths
| 0.0% 13 141.6 142.1 141.2 142.8 0.5 35. o---
| various---o 0.0% 13
| 141.8 142.4 141.8 144.8 0.8 36. swimming.karate.piano
| 0.0% 13 139.8 141.4 138.7 155.2 4.2 37. o---
| contact---o 0.0% 13
| 140.1 140.3 138.6 141.7 0.8 38.
| mail.jobs.at.poinsignon.org 0.0%
| 13 141.1 142.5 141.1 145.4 1.1 39.
| cv6.poinsignon.org 0.0%
| 13 139.4 140.3 139.4 141.2 0.5
| [deleted]
| laundermaf wrote:
| If you can't see this, your ISP doesn't resolve IPv6, probably.
|
| It works for me once I enable "WARP" from my 1.1.1.1 app on iOS.
| billpg wrote:
| "That's very nice but can you email me a copy in Microsoft Word
| DOCX format please?"
| jen729w wrote:
| I'm just about to live this hell. On advice from a friend, my
| response will be a simple one: no, because it doesn't exist. It
| was written in Markdown [0]. Here's a PDF.
|
| I'm expecting the usual pushback, and will reciprocate. I'll
| let you know how it goes.
|
| [0]:
| https://github.com/johnnydecimal/resume/blob/main/resume.md
|
| (Yeah I shamelessly inserted my own resume.)
| Aeolun wrote:
| I gave up, I now generate my CV in docx from JSON, and
| convert that to PDF.
| zamadatix wrote:
| Missed opportunity to hide a secret message in hops 30+ or such
| :).
| baobabKoodaa wrote:
| I wonder what HR thinks about this resume format?
| mouzogu wrote:
| it's nice that for once, hr is the one being filtered.
| foresto wrote:
| See also: traceroute -m 60 bad.horse
| dr-detroit wrote:
| aidenn0 wrote:
| Note also that unlike TFA, bad.horse works with tracepath.
| pm2222 wrote:
| Doesn't work here. ALARM ~ $ tracepath
| 2001:bc8:3eff:c0::ff 1?: [LOCALHOST]
| 0.015ms pmtu 1500 ... ... 2: ALPHEUS-
| COM.edge1.Washington1.Level3.net 15.966ms 3:
| ae5-3828.edge1.Washington1.Level3.net 4.011ms
| 4: 2001:1900:2::3:18 77.693ms
| 5: 2001:1900:5:2:2::4a0a 78.469ms
| asymm 4 6: 2001:bc8:400:1::8a
| 78.737ms asymm 7 7: 2001:bc8:400:1::13a
| 78.635ms asymm 6 8: no reply 9: no reply
| 10: no reply 11: no reply 12: no reply 13:
| no reply
| aidenn0 wrote:
| I suspect that whatever underlying implementation is used only
| catches ICMP packets, not UDP packets.
|
| [edit]
|
| Note that "tracepath -m60 bad.horse" works just fine.
| [deleted]
| contingencies wrote:
| An old hack.
|
| For the history books, IIRC _proff_ (Julian Assange) presented
| this hack in 1997, shortly after he wrote _strobe.c_ (1995; AFAIK
| the first TCP half-open scanner). Here 's a 1998 public posting
| of the code:
| https://packetstormsecurity.com/files/12995/fakeroute.c.html
|
| At that time, the running joke was to provide inbound traceroutes
| spoofed next hops which implied you were working for a government
| agency (the Australian Federal Police, the Defence Signals
| Directorate (now Australian Signals Directorate) or the Defence
| Science and Technology Organisation (now the Defence Science and
| Technology Group)).
|
| Free Julian.
| DropKiwiFarms wrote:
| Evidlo wrote:
| See also the IPv6 bible:
| https://website.peterjin.org/wiki/IPv6_Bible
| walrus01 wrote:
| missed opportunity for a hop of all.your.base.are.belong.to.us
|
| main.screen.turn.on
|
| how.are.you.gentlemen
| snickerbockers wrote:
| alex14fr wrote:
| Funnily enough he didn't bother to put something in his default
| htdocs directory : https://poinsignon.org/
| leibnitz27 wrote:
| Great, but not Bad Horse great.
|
| https://www.a2wd.com/traceroute-bad-horse/
| calibas wrote:
| No wonder we're running out of IPv4 addresses.
| Bud wrote:
| I guess you didn't really look; these are IPv6 addresses.
| bmicraft wrote:
| not in the link gp was responding to
| jeroenhd wrote:
| It's only a /27, they were quite affordable a year or ten
| ago. A full /24 went for about $2500 back in 2015 when this
| was made and you can subdivide that to 8 customers who all
| get 30 usable addresses. Bit expensive for a joke, but not
| unmaintainably so.
|
| It's silly that ISPs have messed up their IPv6 deployment so
| badly that there's a "shortage" of IPv4 addresses now. Of
| course, IPv4 was never going to be enough; there are too many
| people on earth.
| rcarmo wrote:
| Pretty awesome :)
| thrwyoilarticle wrote:
| I wonder if these things ever pay off, or if it just ends up
| attracting a lot of opportunities to be part of a normal
| application system where it's a one-way system of proving your
| worth to the company?
| gghh wrote:
| I recall seeing something similar a while back, you'd traceroute
| to some IP address and the output was the opening text of a star
| wars movie
| https://www.theregister.com/2013/02/15/star_wars_traceroute/
| notRobot wrote:
| There's also telnet towel.blinkenlights.nl
| jvdvegt wrote:
| I guess the site can only be reached over IPv6? It seems I only
| have IPv4 :(
| jeroenhd wrote:
| No A record, so I guess so.
|
| If your ISP doesn't block ICMP, you can get IPv6 capabilities
| using tunnels like https://tunnelbroker.net/. Especially useful
| if you have a router you can configure this stuff on so all of
| your devices get IPv6 for free. Completely free of charge and
| with minimal latency if you live somewhere near a data centre.
| withinboredom wrote:
| Netflix and friends won't work over them. But with some
| clever routing, you can get it to work... I just got native
| ipv6 last winter and had to use tunnels like this for years.
| zamadatix wrote:
| https://i.imgur.com/EA1uspm.png
|
| All of the links just go to Wikipedia and the traceroute is as
| shown (minus the initial hops of course)
| 300bps wrote:
| I think it's reasonable to assume that this whole thing has
| been a marketing campaign to get people to finally have a
| reason to switch to IPv6.
|
| All kidding aside, IPv6 isn't even required for their website
| or this traceroute trick. He just set up an in-addr.arpa
| reverse DNS zone to reverse resolve particular IP addresses to
| specific values. If you had a block of 20 IPv4 addresses, I
| don't see anything stopping you from doing the exact same
| thing.
| yyyk wrote:
| >If you had a block of 20 IPv4 addresses, I don't see
| anything stopping you from doing the exact same thing.
|
| A block isn't necessary at all, even on IPv4. Traceroute can
| easily show internal address or just be lied to. Just
| recently we've seen a different example of this on HN:
|
| https://news.ycombinator.com/item?id=32566730
| [deleted]
| verst wrote:
| That could be a feature if he didn't want to work at companies
| that don't have a IPv6 network :)
| ju-st wrote:
| Doesn't seem to be the case, apple.com does not have an AAAA
| record. :(
|
| Also shame on Microsoft for no full IPv6 support in WSL2.
|
| (The CV posted above is outdated, this is what the traceroute
| shows today) 8 37 ms 36 ms 36 ms
| hello [2001:bc8:3eff:c0::1] 9 32 ms 32 ms 31
| ms My.name.is.Louis.Poinsignon [2001:bc8:3eff:c0::2] 10
| 33 ms 32 ms 31 ms I.am.a.network.and.systems.engineer
| [2001:bc8:3eff:c0::3] 11 35 ms 36 ms 35 ms
| This.is.my.resume.over.traceroute [2001:bc8:3eff:c0::4]
| 12 37 ms 35 ms 36 ms o---Experience---o
| [2001:bc8:3eff:c0:ee::] 13 36 ms 35 ms 35 ms
| 2021.Apple.Engineer.SF.USA [2001:bc8:3eff:c0:ee::714] 14
| 33 ms 34 ms 31 ms 2018.Cloudflare.Engineer.SF.USA
| [2001:bc8:3eff:c0:ee::cf3] 15 32 ms 34 ms 33 ms
| 2017.Cloudflare.Engineer.London.UK [2001:bc8:3eff:c0:ee::cf2]
| 16 38 ms 36 ms 35 ms
| 2016.Cloudflare.Engineer.Intern.SF.USA
| [2001:bc8:3eff:c0:ee::cf1] 17 36 ms 35 ms 34 ms
| o---Education---o [2001:bc8:3eff:c0:ed::] 18 36 ms
| 35 ms 34 ms
| 2015-2016.DrexelUni.Exchange.CE.Philadelphia.USA
| [2001:bc8:3eff:c0:ed::1] 19 37 ms 32 ms 32 ms
| 2011-2016.UTT.Master.CE.France [2001:bc8:3eff:c0:ed::2]
| 20 37 ms 34 ms 35 ms o---Skills---o
| [2001:bc8:3eff:c0:51::] 21 36 ms 36 ms 34 ms
| Golang.C.Python [2001:bc8:3eff:c0:51::1] 22 36 ms
| 34 ms 36 ms
| Networks.Linux.Automation.Kafka.Clickhouse.Kubernetes
| [2001:bc8:3eff:c0:51::2] 23 33 ms 33 ms 33 ms
| Statistics.Maths [2001:bc8:3eff:c0:51::3] 24 31 ms
| 32 ms 31 ms o---Various---o [2001:bc8:3eff:c0:7a::]
| 25 34 ms 35 ms 35 ms Swimming.Karate.Piano
| [2001:bc8:3eff:c0:7a::1] 26 36 ms 34 ms 35 ms
| o---Contact---o [2001:bc8:3eff:c0:c0::] 27 32 ms
| 34 ms 31 ms mail.jobs.at.poinsignon.org
| [2001:bc8:3eff:c0:c0::1] 28 33 ms 35 ms 30 ms
| cv6.poinsignon.org [2001:bc8:3eff:c0::ff]
| profmonocle wrote:
| apple.com is just a redirect to www.apple.com, which does
| have IPv6.
|
| Apple has been slowly but surely adding IPv6 to their
| public network services - App Store and OS downloads come
| over IPv6, and their NTP resolver just added IPv6 support.
|
| I guess the department that controls that apple.com ->
| www.apple.com redirect just hasn't bothered, which is
| interesting because such a simple, dumb redirect service is
| one of the easiest things to dual-stack (as in it probably
| doesn't store IPs or have to worry about blocking at all,
| it just responds with a 301)
| jackinloadup wrote:
| Same, it begins. My ISP needs to get it's act together.
| jonathantf2 wrote:
| Thought it was a dead link since it didn't work on my mobile data
| or home internet, turns out it's just a v6 only DNS record.
| bandyaboot wrote:
| I'd like to imagine one of the troubleshooting steps for
| Cloudflare's help desk when they see an uptick in customer
| service disruption complaints is to hit up Louis to ask if he's
| updating his resume again.
| talhof8 wrote:
| But do you know how to bubble sort an array?
| aynyc wrote:
| It's a simple dynamic programming problem. /s
| talhof8 wrote:
| lol
| bhaney wrote:
| "IMCP" looks to be a typo.
|
| Normally wouldn't bother to mention, but, you know, CVs
| dr-detroit wrote:
| betaby wrote:
| That's how it's done probably
| https://github.com/blechschmidt/fakeroute
| nabakin wrote:
| Except this doesn't have custom text. All the IP addresses
| correspond to real domain names
| betaby wrote:
| Another implementation
| https://blog.benjojo.co.uk/post/traceroute-haikus and I've
| seen many more.
| nabakin wrote:
| Awesome, this one works
| 0x0 wrote:
| Doesn't work properly here, I get a very local IPv6, then one row
| of stars, then the third hop is the destination?
| % traceroute6 -w1 cv6.poinsignon.org traceroute to
| cv6.poinsignon.org (2001:bc8:3eff:c0::ff), 30 hops max, 80 byte
| packets 1 2a01:x:x:x::1 (2a01:x:x:x::1) 0.794 ms 0.913
| ms 0.737 ms 2 * * * 3 2001:bc8:3eff::1
| (2001:bc8:3eff::1) 39.555 ms 39.668 ms 39.560 ms
|
| Not sure why "traceroute6" stops at the "...::1" but "mtr" shows
| an equivalent 3-hop route but actually shows "...::ff" for the
| third and final hop? (Edit: Using "-I" with "traceroute6" makes
| the third and final hop also show up as "::ff". Strange that ICMP
| vs UDP would give different IP addresses for the final hop?)
| profmonocle wrote:
| Some middlebox in your network is probably mucking with
| something. Are you behind a corporate firewall?
| 0x0 wrote:
| No, should be a native IPv6 consumer ISP... But now that you
| mention it, most other IPv6 sites act like this as well.
| Sorry, it's probably my ISP or maybe my router. Guess I
| haven't been tracerouting IPv6 much since getting native IPv6
| connectivity.
| biermic wrote:
| Some CTO guy who I work with does this with the password for
| internal docs. He thinks he is 1337.
|
| How long will it take, until someone gains access? I consider
| this an intentional security leak.
___________________________________________________________________
(page generated 2022-08-26 23:00 UTC)