Search results

All true. But the bigger issue is: the original post was about bad input sanitization. This is not that. Come on @lulzsecurity, figure out what you're mad about. Or better yet, do something about it.

Thanks, I was hitting this at least three or four times per week. Haven't hit it since. Glad you're not too worried about abuse, I don't think upvotes would be as abused as downvotes.

Also no bashing of another provider, and users in the providers forum group should link to their website in their sig so we know which provider they are.

People looking for attention always get it, in some way, shape, or form. It might be in the form of "we all hate you", so if this guy is fine with that then yes, he has accomplished his objective. Who cares, though?

Too true, that. Once a company gets big enough, they figure they don't actually have to do anything any more. Customers are guaranteed no matter what.

I know that, but why tunnel if you don't have to? Besides, tunneling won't work as well for this server as for my setup w/ you because they don't have direct HE peering and the nearest tunnel server is in Miami, an extra hop or two away.

Yeah, I figured as much. IDK how often HE updates the databases, but it should be in soon. Still, gotta wonder how Merit Network got involved. Certainly shouldn't be a secondhand IPv6 block.

Yeah but I can only imagine it's easy to accidentally leave nasty little back doors in place when you have code like that in there.

I imagine HE.net just needs to update their databases, but in the mean time that's very strange.

That IP pings and responds on port 80, but doesn't show up in a search at bgp.he.net. However when I plug it in to asn.cymru.com I get that it's at AS237, "Merit Network", an organization dedicated to providing connectivity between Michigan universities. What on earth?

If that were what he were really doing we wouldn't mind, but what he's really doing is saying "na na na na poo poo, I've got an exploit". Holding it over our heads, trying to get everyone's attention with how smart he is. Otherwise he'd communicate privately with WHMCS.

Is it possible that that indicates progress towards a new version?

There's a coincidence, I did that too earlier. Thanks for checking this.

Partly impressed, partly skeptical that you got it up so quickly. What about testing and such? And the AS still doesn't show any IPv6 prefixes. Do you have a test IPv6 address?

For goodness sakes... MannDude or mods, check the IPs of this exploit-threatening clown and see if they match up with netnub. Even if you're not Curtis G, you really shouldn't just go throwing 0-days around. It shouldn't take the mind of a rocket scientist to see how that's a bad idea.

Whoever does work like that should not be allowed to program. There will be another explosion soon, or I'm an idiot. (Probably true anyway, but still...)

Definitely no potential for a vulnerability there... [/sarcasm] (in case it wasn't obvious)

What space? AS19531 doesn't originate any IPv6 prefixes.

While I certainly think it is worth at least 1000GBP, I don't think you'll get it here. You need it in some public marketplace, or some public auction or something. It just doesn't get moneyed eyeballs here.

Good providers, those. With those in the network and IPv6 this suddenly becomes a killer deal :) Will keep an eye on it.