[svlug] Cloudbleed ahoy

Rick Moen rick at linuxmafia.com
Sat Feb 25 19:19:27 PST 2017

Previous message: [svlug] Cloudbleed ahoy
Next message: [svlug] Cloudbleed ahoy
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Quoting Dan Ritter (dsr at randomstring.org):

> Or let http://www.doesitusecloudflare.com/  search for you.

Sure, I supposed you could, but this turned out to take only 8 1/2
seconds for checking 31 domains.  On a Pentium III with ancient hard
drives.


[rick at linuxmafia]
/tmp/sites-using-cloudflare-master $ time for i in $(cat domains); do grep -x -F $i sorted_unique_cf.txt; done
23andme.com

real    0m8.514s
user    0m3.448s
sys     0m5.032s
[rick at linuxmafia]
/tmp/sites-using-cloudflare-master $ wc -l domains
31 domains
[rick at linuxmafia]
/tmp/sites-using-cloudflare-master $ ls -lh sorted_unique_cf.txt
-rw-r--r-- 1 rick rick 69M Feb 25 17:26 sorted_unique_cf.txt
[rick at linuxmafia]
/tmp/sites-using-cloudflare-master $

'sorted_unique_cf.txt' is the unpacked list of 4,287,625 possibly
affected domains.  'domains' is my ASCII list of Internet domains whose
security I care about that I've used in the last six months and might
(or might not) be Cloudfare customers.

(Yes, I do indeed have a 23andMe membership.  Turns out I'm a Euromutt,
which is not really surprising.  mtDNA haplogroup V2, paternal
haplogroup R1b1b2a1a1 (marker U106). )


The Zip archive containing sorted_unique_cf.txt includes an interesting
README, that has observations like this one:

  Theoretically sites not in this list can also be affected (because an
  affected site could have made an API request to a non-affected one),
  *you should probably change all your important passwords*.

Previous message: [svlug] Cloudbleed ahoy
Next message: [svlug] Cloudbleed ahoy
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list