Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
q3k
20 days ago
|
parent
|
context
|
favorite
| on:
Cloudflare Global Network experiencing issues
Plenty of ways to leak the original server IP address if it isn't really well hardened against that (and most aren't).
olalonde
19 days ago
[–]
Like? Aside from scanning DNS records (assuming the protected IP is in there somewhere) or scanning the entire IPv4 (assuming the server responds to non CloudFlare requests), I can't think of any. And both methods are simple to protect against.
q3k
19 days ago
|
parent
[–]
Some of it is tradecraft, but have two: SSRF bugs/features and chatty email headers.
olalonde
18 days ago
|
root
|
parent
[–]
Right. Still a far cry from "anyone can bypass CloudFlare" though.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
