Justin, The only problem with that statement is that it's not true: if you did terminate service to them, the websites would go away. Maybe not today, but eventually. "Network stresser" owners are notorious for trying to take out the competition. Cloudflare provides free protection for these services to stay online. Most other ISPs wouldn't tolerate such shenanigans, whether it be for facilitating illegal activities or being on the receiving end of DDoS attacks, and would kick them off. On Tue, Jul 26, 2016 at 10:58 PM, Justin Paine <justin@cloudflare.com> wrote:
Folks,
"For a long time their abuse@ alias was (literally) routed to /dev/null. I'm not sure whether that's still the case or whether they now ignore reports manually."
@Steve It (literally) never was. :) The team I manage processes reports all day long. If you have a report to file certainly do so, https://www.cloudflare.com/abuse
On the topic of booters:
Short version -- As someone already mentioned, CloudFlare continues not to be a hosting provider.
Our CEO has broadly covered this topic several times. https://blog.cloudflare.com/thoughts-on-abuse/
Even if we removed our service the website does not go away, it doesn't solve the problem if we temporarily stop providing DNS to the domain(s). An often overlooked but extremely important note: there are some situations where law enforcement has required that we *not* terminate service to certain websites. In those situations we are of course not allowed to discuss specifics.
____________ Justin Paine Head of Trust & Safety CloudFlare Inc. PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
A five minute Google search revealed this, which is just the tip of the iceberg
booter.xyz exitus.to zstress.net critical-boot.com instress.club webstresser.co anonymousstresser.com rawdos.com kronosbooter.com alphastress.com synergy.so str3ssed.me layer7.pw
There are probably hundreds
On Tue, Jul 26, 2016 at 10:33 PM, Paras Jha <paras@protrafsolutions.com> wrote:
This is quite common, almost all of the DDoS-for-hire services are hosted behind CloudFlare, and a great majority of them take PayPal. Another one had even managed to secure an EV SSL cert.
On Tue, Jul 26, 2016 at 10:24 PM, Dovid Bender <dovid@telecurve.com> wrote:
I used to have a boss that was convinced that MCafee was writing viruses to stay in business....
Regards,
Dovid
-----Original Message----- From: Phil Rosenthal <pr@isprime.com> Sender: "NANOG" <nanog-bounces@nanog.org>Date: Tue, 26 Jul 2016 22:17:53 To: jim deleskie<deleskie@gmail.com> Cc: NANOG list<nanog@nanog.org> Subject: Re: cloudflare hosting a ddos service?
Plus, it’s good for business!
-Phil
On Jul 26, 2016, at 10:14 PM, jim deleskie <deleskie@gmail.com> wrote:
sigh...
On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore <
wrote:
CloudFlare will claim they are not hosting the problem. They are
just
hosting the web page that lets you pay for or points at or otherwise directs you to the problem.
The actual source of packets is some other IP address. Therefore,
On Tue, Jul 26, 2016 at 7:42 PM, Paras Jha <paras@protrafsolutions.com> wrote: patrick@ianai.net they
can
keep hosting the web page. It is not sending the actual [spam|DDoS|hack|etc.], right? So stop asking them to do something about it!
Whether you think that is the proper way to provide service on the Internet is left as an exercise to the reader.
-- TTFN, patrick
> On Jul 26, 2016, at 9:49 PM, Mike <mike-nanog@tiedyenetworks.com> wrote: > > Hi, > > So vbooter.org's dns and web is hosted by cloudflare? > > "Using vBooter you can take down home internet connections, websites and game servers such us Minecraft, XBOX Live, PSN and many more." > > dig -t ns vbooter.org > > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 512 > ;; QUESTION SECTION: > ;vbooter.org. IN NS > > ;; ANSWER SECTION: > vbooter.org. 21599 IN NS rick.ns.cloudflare.com. > vbooter.org. 21599 IN NS amy.ns.cloudflare.com. > > dig -t a www.vbooter.org > > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 512 > ;; QUESTION SECTION: > ;www.vbooter.org. IN A > > ;; ANSWER SECTION: > www.vbooter.org. 299 IN CNAME vbooter.org. > vbooter.org. 299 IN A 104.28.13.7 > vbooter.org. 299 IN A 104.28.12.7 > > > Can anyone from cloudflare answer me why this fits with your business model? > > Mike-
-- Regards, Paras
President ProTraf Solutions, LLC Enterprise DDoS Mitigation
-- Regards, Paras
President ProTraf Solutions, LLC Enterprise DDoS Mitigation
-- Regards, Paras President ProTraf Solutions, LLC Enterprise DDoS Mitigation