nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: cloudflare hosting a ddos service?

From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Tue, 26 Jul 2016 19:50:41 -0700
Looks like barrier to obtaining an EV SSL certificate is not very high
these days.

There's documentation requirements, but root CAs can't be seen to
discriminate against companies in the developing world. I suppose all you
need is a scanned business license/incorporation documents from your local
municipality in Outer Elbonia, and a few scanned copies of fake ID, and
your $99 payment for the first year.



On Tue, Jul 26, 2016 at 7:33 PM, Paras Jha <paras () protrafsolutions com>
wrote:


This is quite common, almost all of the DDoS-for-hire services are hosted
behind CloudFlare, and a great majority of them take PayPal. Another one
had even managed to secure an EV SSL cert.

On Tue, Jul 26, 2016 at 10:24 PM, Dovid Bender <dovid () telecurve com>
wrote:


I used to have a boss that was convinced that MCafee was writing viruses
to stay in business....

Regards,

Dovid

-----Original Message-----
From: Phil Rosenthal <pr () isprime com>
Sender: "NANOG" <nanog-bounces () nanog org>Date: Tue, 26 Jul 2016 22:17:53
To: jim deleskie<deleskie () gmail com>
Cc: NANOG list<nanog () nanog org>
Subject: Re: cloudflare hosting a ddos service?

Plus, it’s good for business!

-Phil


On Jul 26, 2016, at 10:14 PM, jim deleskie <deleskie () gmail com> wrote:

sigh...

On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore <

patrick () ianai net>

wrote:


CloudFlare will claim they are not hosting the problem. They are just
hosting the web page that lets you pay for or points at or otherwise
directs you to the problem.

The actual source of packets is some other IP address. Therefore, they

can

keep hosting the web page. It is not sending the actual
[spam|DDoS|hack|etc.], right? So stop asking them to do something

about

it!


Whether you think that is the proper way to provide service on the
Internet is left as an exercise to the reader.

--
TTFN,
patrick


On Jul 26, 2016, at 9:49 PM, Mike <mike-nanog () tiedyenetworks com>

wrote:


Hi,

  So vbooter.org's dns and web is hosted by cloudflare?

"Using vBooter you can take down home internet connections, websites

and

game servers such us Minecraft, XBOX Live, PSN and many more."


  dig -t ns vbooter.org

; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;vbooter.org.            IN    NS

;; ANSWER SECTION:
vbooter.org.        21599    IN    NS    rick.ns.cloudflare.com.
vbooter.org.        21599    IN    NS    amy.ns.cloudflare.com.

dig -t a www.vbooter.org

; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.vbooter.org.        IN    A

;; ANSWER SECTION:
www.vbooter.org.    299    IN    CNAME    vbooter.org.
vbooter.org.        299    IN    A    104.28.13.7
vbooter.org.        299    IN    A    104.28.12.7


  Can anyone from cloudflare answer me why this fits with your

business

model?


Mike-









--
Regards,
Paras

President
ProTraf Solutions, LLC
Enterprise DDoS Mitigation
Previous By Date Next
Previous By Thread Next

Current thread: