Cloudflare Radar Data

Technical discussion of using Cloudflare's BGP monitoring tools, route leak detection, and publicly available BGP datasets for analysis

Cloudflare Radar data serves as a powerful lens for technical analysis, revealing the growing prevalence of HTTPS query types used for Encrypted Client Hello and tracking RPKI status for specific service providers. While some users note that high-level dashboard visualizations can occasionally mask individual attacks over long durations, the depth of the available datasets remains impressive. Beyond mere network monitoring, there is significant interest in the potential for this telemetry to act as a predictive indicator for geopolitical shifts or regional instability. This transformation of internet traffic data into a tool for social forecasting highlights the broader utility of Cloudflare’s publicly available monitoring tools.

View on HN · Topics

I guess one of the interesting things I learnt off this article(1) was that 7% of DNS query types served by 1.1.1.1 are HTTPS and started wondering what HTTPS query type was as I had only heard of A, MX, AAAA, SPF etc...

Apparently that is part of implementing ECH (Encrypted Client Hello) in TLS 1.3 where the DNS hosts the public key of the server to fully encrypt the server name in a HTTPS request. Since Nginx and other popular web servers don't yet support it, I suspect the 7% of requests are mostly Cloudflare itself.

(1) https://radar.cloudflare.com/?ref=loworbitsecurity.com#dns-q...

View on HN · Topics

Not from the cloudflare dashboard, you can zoom out. The night of the attack doesnt even really stand out as abnormal when zooming out that far.

View on HN · Topics

I wonder if this can be monitored on a global scale as a sort of predictor of “something gonna happen at country X”.

View on HN · Topics

Symbolic link to the Cloudflare RPKI status for CANTV.

[1]: https://radar.cloudflare.com/routing/as8048ref=loworbitsecur...

Summarizer