nanog mailing list archives
RE: EVERYTHING about Booters (and CloudFlare)
From: "Naslund, Steve" <SNaslund () medline com>
Date: Thu, 28 Jul 2016 16:51:19 +0000
It is not beyond the realm of law enforcement to run down the entire chain of events all the way back to the “whodunit” and “howdunit”. It is pretty amazing what they can figure out when they put their minds to it and don’t underestimate what they can learn by getting someone in the hot seat under the bare light bulb. They also have lots of informants. Victim complaints don’t matter a bit to these guys, it will take the guys in the windbreakers kicking in the doors one of these days. Steven Naslund Chicago IL
On Thu, Jul 28, 2016 at 12:20 PM, Phil Rosenthal <pr () isprime com<mailto:pr () isprime com>> wrote: Keep in mind also, the victims of these DDoS attacks do not know which "booter" service was paid to attack them. The packets do not have "Stress test provided by vBooter" in them. The attack packets do not ?>come from the booter's or Cloudflare's IP addresses, they come from secondary victims -- compromised servers, PC's infected with malware, and abused DNS/NTP [and a few other protocols] reflectors. It is impossible for a victim to submit a complaint to Cloudflare stating "I was attacked by someone paying vBooter", because they do not know which of the numerous "booter" services was responsible. -Phil
Current thread:
- RE: EVERYTHING about Booters (and CloudFlare), (continued)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Aaron (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Paul WALL (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Paras Jha (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Miles Fidelman (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Niels Bakker (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Miles Fidelman (Jul 28)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Phil Rosenthal (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) chris (Jul 28)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Phil Rosenthal (Jul 28)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- Cloudflare, dirty networks and politricks J. Oquendo (Jul 28)
- RE: Cloudflare, dirty networks and politricks Naslund, Steve (Jul 28)
- Re: Cloudflare, dirty networks and politricks J. Oquendo (Jul 28)
- Re: Cloudflare, dirty networks and politricks McDonald Richards (Jul 28)
- Re: Cloudflare, dirty networks and politricks J. Oquendo (Jul 28)
- Re: Cloudflare, dirty networks and politricks Seth Mattinen (Jul 28)
- Re: Cloudflare, dirty networks and politricks McDonald Richards (Jul 28)