
discuss - Re: [opennic-discuss] [URGENT] [ROUND-ROBIN] DNS POISONING/POSSIBLE MITM ATTACK

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

  • From: Se7en <se7en AT cock.email>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] [URGENT] [ROUND-ROBIN] DNS POISONING/POSSIBLE MITM ATTACK
  • Date: Wed, 1 Sep 2021 17:46:46 -0700

On 21-09-02 02:34:52, Lennart Seitz wrote:
> [snip]
>> Which one? 185.121.177.177 or 169.239.202.202? I am in the United
>> States.
>
> Talking about 185.121.177.177:
> dig duckduckgo.com @185.121.177.177 +short
> 40.114.177.156
>
> Seems to be located in Frankfurt by Vultr
> [Snip]

# First run before changing DNS back (on Quad9 with DNSSEC)

$ dig duckduckgo.com @185.121.177.177 +short
157.240.7.34

$ traceroute duckduckgo.com
traceroute to duckduckgo.com (52.250.42.157), 30 hops max, 60 byte packets
1 www.routerlogin.com (192.168.1.1) 1.089 ms 1.039 ms 0.991 ms
2 [Redacted] 12.057 ms 12.037 ms 12.041 ms
3 100.127.5.182 (100.127.5.182) 12.885 ms 12.865 ms 12.840 ms
4 mtc3bbrj02-so100.0.rd.ok.cox.net (68.1.1.117) 13.571 ms 13.519 ms
13.363 ms
5 coxcommunications.ier01.las30.ntwk.msn.net (104.44.197.109) 13.477 ms
13.308 ms 13.392 ms
6 ae29-0.icr01.by4.ntwk.msn.net (104.44.41.181) 34.599 ms 31.396 ms
31.330 ms
7 be-140-0.ibr03.by4.ntwk.msn.net (104.44.22.147) 54.214 ms
be-160-0.ibr04.by4.ntwk.msn.net (104.44.22.155) 55.702 ms 55.606 ms
8 be-4-0.ibr01.pdx31.ntwk.msn.net (104.44.16.75) 55.389 ms 55.330 ms
55.319 ms
9 be-3-0.ibr01.mwh01.ntwk.msn.net (104.44.16.70) 59.295 ms 55.405 ms
55.568 ms
10 be-2-0.ibr03.mwh01.ntwk.msn.net (104.44.16.80) 55.513 ms
be-5-0.ibr03.mwh01.ntwk.msn.net (104.44.16.7) 54.832 ms
ae160-0.icr01.mwh01.ntwk.msn.net (104.44.21.148) 54.888 ms
11 ae140-0.icr03.mwh01.ntwk.msn.net (104.44.21.160) 59.155 ms * 53.071 ms
12 * * *
[...]


# Second run after changing DNS back

$ dig duckduckgo.com @185.121.177.177 +short
69.171.246.9

$ traceroute duckduckgo.com

traceroute to duckduckgo.com (69.171.246.9), 30 hops max, 60 byte packets
1 www.routerlogin.com (192.168.1.1) 1.105 ms 1.055 ms 1.010 ms
2 [redacted] 8.505 ms 12.826 ms 12.793 ms
3 100.127.5.182 (100.127.5.182) 13.484 ms 13.459 ms 13.440 ms
4 100.120.102.40 (100.120.102.40) 13.096 ms 13.053 ms 13.127 ms
5 68.1.4.252 (68.1.4.252) 18.953 ms 19.051 ms 19.010 ms
6 * * *
[...]

After switchback, duckduckgo is no longer MITM but is completely
unreachable.

Switch back to Quad9 (temporary) with DNSSEC

$ dig duckduckgo.com @185.121.177.177 +short
103.39.76.66

$ traceroute duckduckgo.com
traceroute to duckduckgo.com (52.250.42.157), 30 hops max, 60 byte packets
1 www.routerlogin.com (192.168.1.1) 0.695 ms 0.685 ms 1.244 ms
2 [REDACTED] 8.209 ms 8.188 ms 12.745 ms
3 100.127.5.182 (100.127.5.182) 13.556 ms 13.540 ms 13.517 ms
4 mtc3bbrj02-so100.0.rd.ok.cox.net (68.1.1.117) 14.890 ms 14.831 ms
14.815 ms
5 coxcommunications.ier01.las30.ntwk.msn.net (104.44.197.109) 14.301 ms
14.254 ms 14.304 ms
6 ae29-0.icr01.by4.ntwk.msn.net (104.44.41.181) 35.224 ms 31.779 ms
31.714 ms
7 be-160-0.ibr04.by4.ntwk.msn.net (104.44.22.155) 52.113 ms
be-140-0.ibr03.by4.ntwk.msn.net (104.44.22.147) 56.776 ms 56.090 ms
8 be-4-0.ibr01.pdx31.ntwk.msn.net (104.44.16.75) 56.377 ms
be-4-0.ibr02.pdx31.ntwk.msn.net (104.44.16.77) 55.990 ms
be-2-0.ibr03.by21.ntwk.msn.net (104.44.17.20) 56.018 ms
9 be-3-0.ibr02.mwh01.ntwk.msn.net (104.44.16.72) 56.546 ms
be-11-0.ibr01.pdx30.ntwk.msn.net (104.44.7.188) 55.961 ms
be-3-0.ibr01.mwh01.ntwk.msn.net (104.44.16.70) 56.406 ms
10 ae102-0.icr02.mwh01.ntwk.msn.net (104.44.21.142) 56.156 ms
be-4-0.ibr04.mwh01.ntwk.msn.net (104.44.16.68) 55.937 ms
be-2-0.ibr04.mwh01.ntwk.msn.net (104.44.16.85) 56.633 ms
11 * ae142-0.icr04.mwh01.ntwk.msn.net (104.44.21.162) 52.167 ms *
12 * * *

These tests were performed as I was drafting this email just now.

--
|-----/ | Se7en
/ The One and Only! | se7en AT cock.email
/ | 0x0F83F93882CF6116
/ | https://se7en-site.neocities.org

Attachment: signature.asc
Description: PGP signature
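
The comparison made by hand in the message above (answers from one resolver set against the address obtained through another) can be scripted. This is an added example, not part of the original message; the function names `only_ips`, `classify` and `poll` are hypothetical, and the sample input is assembled from the values quoted in the message. A `disjoint` verdict is a prompt for further checks, since load-balanced names can legitimately return different addresses.

```shell
# Added example: compare the A records a suspect resolver returns with
# those from a reference resolver. Function names are hypothetical.

# only_ips: keep unique IPv4 lines from `dig +short` output; CNAME
# targets and blank lines are dropped.
only_ips() {
    { grep -E '^[0-9]{1,3}(\.[0-9]{1,3}){3}$' || true; } | sort -u
}

# classify SUSPECT REFERENCE: each argument is newline-separated
# `dig +short` output pooled over several runs. Prints one verdict:
# consistent (all suspect answers are in the reference set), partial
# (some are), disjoint (none are), no-answer or no-reference.
classify() {
    s=$(printf '%s\n' "$1" | only_ips)
    r=$(printf '%s\n' "$2" | only_ips)
    [ -n "$s" ] || { echo no-answer; return 0; }
    [ -n "$r" ] || { echo no-reference; return 0; }
    shared=0 total=0
    for ip in $s; do
        total=$((total + 1))
        if printf '%s\n' "$r" | grep -qxF "$ip"; then
            shared=$((shared + 1))
        fi
    done
    if [ "$shared" -eq "$total" ]; then echo consistent
    elif [ "$shared" -eq 0 ]; then echo disjoint
    else echo partial
    fi
}

# poll RESOLVER NAME [RUNS]: pool answers from repeated live queries.
# Needs dig and network access; defined here but not called.
poll() {
    i=0
    while [ "$i" -lt "${3:-3}" ]; do
        dig "$2" "@$1" +short
        i=$((i + 1))
    done
}

# Sample input assembled from the message: the three answers from
# 185.121.177.177, and the address traceroute resolved in the runs
# labelled Quad9.
SUSPECT='157.240.7.34
69.171.246.9
103.39.76.66'
REFERENCE='52.250.42.157'

classify "$SUSPECT" "$REFERENCE"
```

For a live comparison, pass `"$(poll RESOLVER NAME)"` for each of the two arguments to `classify`.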



