We routinely mitigate L7s. Matthew is also on the record saying we've seen and mitigated similar attacks to this one (based on available information about this attack). ____________ Justin Paine Head of Trust & Safety CloudFlare Inc. PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D On Fri, Sep 23, 2016 at 12:26 PM, Patrick W. Gilmore <patrick@ianai.net> wrote:
Is CloudFlare able to filter Layer 7 these days? I was under the impression CloudFlare was not able to do that.
There have been a lot of rumors about this attack. Some say reflection, others say Layer 7, others say .. other stuff. If it is Layer 7, how are you going to ‘step in front of the cannon’? Would you just pass through all the traffic?
I realize Matthew is always happy for publicity (hell, the whole planet is aware of that). But if your system cannot actually do the required task, I’m not sure your company should give you credit for offering a service the user cannot use.
-- TTFN, patrick
On Sep 23, 2016, at 3:16 PM, Justin Paine via NANOG <nanog@nanog.org> wrote:
FWIW, we have offered to help. No word so far. We're more than willing to step in front of the cannon pointed his way.
____________ Justin Paine Head of Trust & Safety CloudFlare Inc. PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
On Fri, Sep 23, 2016 at 11:58 AM, Marcin Cieslak <saper@saper.info> wrote:
On Fri, 23 Sep 2016, jim deleskie wrote:
They were hosting him for free, and like insurance, I can assure you if you are consistently using a service, and not covering the costs of that service you won't be a client for long. This is the basis for AUP/client contracts and have been going back to the days when we all offered only dialup internet.
Does being a victim of a DDoS constitute a breach of AUP?
Marcin Cieślak