Bug #17233

Ensure only one of our HTP pool has hosts handled by Cloudflare

Added by intrigeri 2019-11-14 16:16:09 . Updated 2019-11-15 01:37:58 .

Status:
Confirmed
Priority:
Normal
Assignee:
Category:
Time synchronization
Target version:
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Code
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

… as suggested by hefee on Bug #12023. Otherwise, our multi-pool design for htpdate is a bit moot.


Subtasks


Related issues

Related to Tails - Bug #12023: htpdate: stop sending User-Agent that fakes Tor Browser Resolved 2016-12-08
Related to Tails - Bug #11562: Monitor servers from the htpdate pools Confirmed 2016-07-14

History

#1 Updated by intrigeri 2019-11-14 16:16:49

  • related to Bug #12023: htpdate: stop sending User-Agent that fakes Tor Browser added

#2 Updated by intrigeri 2019-11-14 16:16:54

  • related to Bug #11562: Monitor servers from the htpdate pools added

#3 Updated by hefee 2019-11-15 01:37:58

What metric can we use to identify a site that fronted by Cloudflare?

curl -I zerobin.net
[...]
Server: cloudflare
[...]

Server, Alt-svc header. IP-Address ranges (https://www.cloudflare.com/ips/).

If we check for Cloudflare, we may also what to make sure that no other big Cloud services control more than one pool.

AWS (Amazon Web Service):
https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html