Re: cloudflare hosting a ddos service?
> On Jul 26, 2016, at 7:58 PM, Justin Paine wrote: > > Folks, > > "For a long time their abuse@ alias was (literally) routed to /dev/null. I'm > not > sure whether that's still the case or whether they now ignore reports > manually." > > @Steve It (literally) never was. :) Yes, it was. The smiley doesn't make your statement true. > The team I manage processes > reports all day > long. If you have a report to file certainly do so, > https://www.cloudflare.com/abuse I gave up on doing that in late 2014 after reporting thousands of pieces of spam advertising websites hosted by Cloudflare, with no action taken, no reply received, no ticket created, *nothing*. Not in response to mail sent to abuse@cloudflare, not in response to backchannel reports, not in response to mentions in person to staff at conferences. (This was mostly people selling lists of credit card numbers rather than booters, but it's the same sort of issue). Just to see what had changed, I went back to look at the sites I reported to Cloudflare in 2014. The couple I spot-checked are still hosted by Cloudflare. Given that you (Cloudflare, rather than you personally) haven't changed your policy of never terminating abusive websites you host then continuing to report them to you seems fairly pointless. > > > On the topic of booters: > > Short version -- As someone already mentioned, CloudFlare continues > not to be a hosting provider. That's untrue, of course. You terminate the http connection; you're hosting the website; you're hiding the identity of any other operators involved; you continue to serve the website even when the backing server has been terminated. Adding an interstitial for sites hosting malware is nice and all, but the problematic customers are the ones that are selling access to those malware compromised machines. You are taking sole responsibility by your actions, while denying all responsibility in your public statements. > > Our CEO has broadly covered this topic several times. > https://blog.cloudflare.com/thoughts-on-abuse/ > > Even if we removed our service the website does not go away,it > doesn't solve the problem if we temporarily stop providing DNS to the > domain(s). An often overlooked but extremely important note: there are > some situations where law > enforcement has required that we *not* terminate service to certain > websites. In those situations we are of course not allowed to discuss > specifics. Cheers, Steve
Re: cloudflare hosting a ddos service?
I read through the blog post, and it was an interesting window into how Cloudflare operates. If I could be so bold as to raise this issue, however - Specifically, this part *Originally, when we would receive reports of phishing or malware we would terminate the customers immediately. The challenge was that this didn't actually solve the problem. Since we're just a proxy, not the host, us terminating the customer doesn't make the harmful content disappear. Terminating the site effectively just kicked the problem further down the road, moving it off our network and onto someone else's.* >From that paragraph, what I understand it as is that Cloudflare doesn't want to terminate customers hosting illegal content / facilitating illegal activities because if they do, that content will just move elsewhere. It was an interesting parallel to one of the problems plaguing the internet today - source address spoofing. More and more hosts are implementing source address verification, but unfortunately there are still those that still allow source address spoofing (and those hosts are sometimes used to launch amplified DDoS attacks). However, reputable hosts don't make the argument "We won't disallow source address spoofing because if we block it, the customers will just go elsewhere". Reputable providers block it, and try to get others to block the problem as well. The difference is that Cloudflare is lax "because other people are lax, so it's pointless for us to be strict". That kind of logic is the same flawed logic that goes with "I shouldn't vote, because no matter which way I vote my vote is insignificant". Sure, as a single entity that's true - but if everybody thought that, we'd be in a real pickle. Some problems are larger than what an individual faces, and must be addressed by not just a single entity, but all the entities to whom this problem affects - it is your responsibility to vote, a hosts responsibility to disable source address verification (and help fight crime on their network), and I'd argue it's Cloudflare's responsibility to help stop abuse. Just my 2C On Tue, Jul 26, 2016 at 11:02 PM, Paras Jha wrote: > Justin, > > The only problem with that statement is that it's not true: if you did > terminate service to them, the websites would go away. Maybe not today, but > eventually. "Network stresser" owners are notorious for trying to take out > the competition. Cloudflare provides free protection for these services to > stay online. Most other ISPs wouldn't tolerate such shenanigans, whether it > be for facilitating illegal activities or being on the receiving end of > DDoS attacks, and would kick them off. > > On Tue, Jul 26, 2016 at 10:58 PM, Justin Paine > wrote: > >> Folks, >> >> "For a long time their abuse@ alias was (literally) routed to /dev/null. >> I'm not >> sure whether that's still the case or whether they now ignore reports >> manually." >> >> @Steve It (literally) never was. :) The team I manage processes >> reports all day >> long. If you have a report to file certainly do so, >> https://www.cloudflare.com/abuse >> >> >> On the topic of booters: >> >> Short version -- As someone already mentioned, CloudFlare continues >> not to be a hosting provider. >> >> Our CEO has broadly covered this topic several times. >> https://blog.cloudflare.com/thoughts-on-abuse/ >> >> Even if we removed our service the website does not go away, it >> doesn't solve the problem if we temporarily stop providing DNS to the >> domain(s). An often overlooked but extremely important note: there are >> some situations where law >> enforcement has required that we *not* terminate service to certain >> websites. In those situations we are of course not allowed to discuss >> specifics. >> >> >> Justin Paine >> Head of Trust & Safety >> CloudFlare Inc. >> PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D >> >> >> On Tue, Jul 26, 2016 at 7:42 PM, Paras Jha >> wrote: >> > A five minute Google search revealed this, which is just the tip of the >> > iceberg >> > >> > booter.xyz >> > exitus.to >> > zstress.net >> > critical-boot.com >> > instress.club >> > webstresser.co >> > anonymousstresser.com >> > rawdos.com >> > kronosbooter.com >> > alphastress.com >> > synergy.so >> > str3ssed.me >> > layer7.pw >> > >> > There are probably hundreds >> > >> > >> > >> > On Tue, Jul 26, 2016 at 10:33 PM, Paras Jha > > >> > wrote: >> > >> >> This is quite common, almost all of the DDoS-for-hire services are >> hosted >> >> behind CloudFlare, and a great majority of them take PayPal. Another >> one >> >> had even managed to secure an EV SSL cert. >> >> >> >> On Tue, Jul 26, 2016 at 10:24 PM, Dovid Bender >> >> wrote: >> >> >> >>> I used to have a boss that was convinced that MCafee was writing >> viruses >> >>> to stay in business >> >>> >> >>> Regards, >> >>> >> >>> Dovid >> >>> >> >>> -Original Message- >> >>> From: Phil Rosenthal >> >>> Sender: "NANOG" Date: Tue, 26 Jul 2016 >> 22:17:53 >> >>
Re: cloudflare hosting a ddos service?
Justin, The only problem with that statement is that it's not true: if you did terminate service to them, the websites would go away. Maybe not today, but eventually. "Network stresser" owners are notorious for trying to take out the competition. Cloudflare provides free protection for these services to stay online. Most other ISPs wouldn't tolerate such shenanigans, whether it be for facilitating illegal activities or being on the receiving end of DDoS attacks, and would kick them off. On Tue, Jul 26, 2016 at 10:58 PM, Justin Paine wrote: > Folks, > > "For a long time their abuse@ alias was (literally) routed to /dev/null. > I'm not > sure whether that's still the case or whether they now ignore reports > manually." > > @Steve It (literally) never was. :) The team I manage processes > reports all day > long. If you have a report to file certainly do so, > https://www.cloudflare.com/abuse > > > On the topic of booters: > > Short version -- As someone already mentioned, CloudFlare continues > not to be a hosting provider. > > Our CEO has broadly covered this topic several times. > https://blog.cloudflare.com/thoughts-on-abuse/ > > Even if we removed our service the website does not go away, it > doesn't solve the problem if we temporarily stop providing DNS to the > domain(s). An often overlooked but extremely important note: there are > some situations where law > enforcement has required that we *not* terminate service to certain > websites. In those situations we are of course not allowed to discuss > specifics. > > > Justin Paine > Head of Trust & Safety > CloudFlare Inc. > PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D > > > On Tue, Jul 26, 2016 at 7:42 PM, Paras Jha > wrote: > > A five minute Google search revealed this, which is just the tip of the > > iceberg > > > > booter.xyz > > exitus.to > > zstress.net > > critical-boot.com > > instress.club > > webstresser.co > > anonymousstresser.com > > rawdos.com > > kronosbooter.com > > alphastress.com > > synergy.so > > str3ssed.me > > layer7.pw > > > > There are probably hundreds > > > > > > > > On Tue, Jul 26, 2016 at 10:33 PM, Paras Jha > > wrote: > > > >> This is quite common, almost all of the DDoS-for-hire services are > hosted > >> behind CloudFlare, and a great majority of them take PayPal. Another one > >> had even managed to secure an EV SSL cert. > >> > >> On Tue, Jul 26, 2016 at 10:24 PM, Dovid Bender > >> wrote: > >> > >>> I used to have a boss that was convinced that MCafee was writing > viruses > >>> to stay in business > >>> > >>> Regards, > >>> > >>> Dovid > >>> > >>> -Original Message- > >>> From: Phil Rosenthal > >>> Sender: "NANOG" Date: Tue, 26 Jul 2016 > 22:17:53 > >>> To: jim deleskie > >>> Cc: NANOG list > >>> Subject: Re: cloudflare hosting a ddos service? > >>> > >>> Plus, it’s good for business! > >>> > >>> -Phil > >>> > >>> > On Jul 26, 2016, at 10:14 PM, jim deleskie > wrote: > >>> > > >>> > sigh... > >>> > > >>> > On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore < > patr...@ianai.net > >>> > > >>> > wrote: > >>> > > >>> >> CloudFlare will claim they are not hosting the problem. They are > just > >>> >> hosting the web page that lets you pay for or points at or otherwise > >>> >> directs you to the problem. > >>> >> > >>> >> The actual source of packets is some other IP address. Therefore, > they > >>> can > >>> >> keep hosting the web page. It is not sending the actual > >>> >> [spam|DDoS|hack|etc.], right? So stop asking them to do something > >>> about it! > >>> >> > >>> >> Whether you think that is the proper way to provide service on the > >>> >> Internet is left as an exercise to the reader. > >>> >> > >>> >> -- > >>> >> TTFN, > >>> >> patrick > >>> >> > >>> >>> On Jul 26, 2016, at 9:49 PM, Mike > >>> wrote: > >>> >>> > >>> >>> Hi, > >>> >>> > >>> >>> So vbooter.org's dns and web is hosted by cloudflare? > >>> >>> > >>> >>> "Using vBooter you can take down home internet connections, > websites > >>> and > >>> >> game servers such us Minecraft, XBOX Live, PSN and many more." > >>> >>> > >>> >>> dig -t ns vbooter.org > >>> >>> > >>> >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org > >>> >>> ;; global options: +cmd > >>> >>> ;; Got answer: > >>> >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 > >>> >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: > 1 > >>> >>> > >>> >>> ;; OPT PSEUDOSECTION: > >>> >>> ; EDNS: version: 0, flags:; udp: 512 > >>> >>> ;; QUESTION SECTION: > >>> >>> ;vbooter.org.INNS > >>> >>> > >>> >>> ;; ANSWER SECTION: > >>> >>> vbooter.org.21599INNSrick.ns.cloudflare.com. > >>> >>> vbooter.org.21599INNSamy.ns.cloudflare.com. > >>> >>> > >>> >>> dig -t a www.vbooter.org > >>> >>> > >>> >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org > >>> >>> ;; global options: +cmd > >>> >>> ;; Got answer: > >>> >>> ;; ->>HEADER<<- opcode: QUERY, status
Re: cloudflare hosting a ddos service?
On 07/26/2016 07:42 PM, Paras Jha wrote: A five minute Google search revealed this, which is just the tip of the iceberg booter.xyz exitus.to zstress.net critical-boot.com instress.club webstresser.co anonymousstresser.com rawdos.com kronosbooter.com alphastress.com synergy.so str3ssed.me layer7.pw There are probably hundreds I should also point out that the page for www.vbooter.org also had a google ad (for me anyways) at the bottom advertising arbor networks! It seems that cloudflare being an anti-ddos company needs to clean house then, and that if they really are conscious of this, that their 'good guy!' persona has taken a real beating. Mike-
Re: cloudflare hosting a ddos service?
Looks like barrier to obtaining an EV SSL certificate is not very high these days. There's documentation requirements, but root CAs can't be seen to discriminate against companies in the developing world. I suppose all you need is a scanned business license/incorporation documents from your local municipality in Outer Elbonia, and a few scanned copies of fake ID, and your $99 payment for the first year. On Tue, Jul 26, 2016 at 7:33 PM, Paras Jha wrote: > This is quite common, almost all of the DDoS-for-hire services are hosted > behind CloudFlare, and a great majority of them take PayPal. Another one > had even managed to secure an EV SSL cert. > > On Tue, Jul 26, 2016 at 10:24 PM, Dovid Bender > wrote: > > > I used to have a boss that was convinced that MCafee was writing viruses > > to stay in business > > > > Regards, > > > > Dovid > > > > -Original Message- > > From: Phil Rosenthal > > Sender: "NANOG" Date: Tue, 26 Jul 2016 22:17:53 > > To: jim deleskie > > Cc: NANOG list > > Subject: Re: cloudflare hosting a ddos service? > > > > Plus, it’s good for business! > > > > -Phil > > > > > On Jul 26, 2016, at 10:14 PM, jim deleskie wrote: > > > > > > sigh... > > > > > > On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore < > patr...@ianai.net> > > > wrote: > > > > > >> CloudFlare will claim they are not hosting the problem. They are just > > >> hosting the web page that lets you pay for or points at or otherwise > > >> directs you to the problem. > > >> > > >> The actual source of packets is some other IP address. Therefore, they > > can > > >> keep hosting the web page. It is not sending the actual > > >> [spam|DDoS|hack|etc.], right? So stop asking them to do something > about > > it! > > >> > > >> Whether you think that is the proper way to provide service on the > > >> Internet is left as an exercise to the reader. > > >> > > >> -- > > >> TTFN, > > >> patrick > > >> > > >>> On Jul 26, 2016, at 9:49 PM, Mike > > wrote: > > >>> > > >>> Hi, > > >>> > > >>> So vbooter.org's dns and web is hosted by cloudflare? > > >>> > > >>> "Using vBooter you can take down home internet connections, websites > > and > > >> game servers such us Minecraft, XBOX Live, PSN and many more." > > >>> > > >>> dig -t ns vbooter.org > > >>> > > >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org > > >>> ;; global options: +cmd > > >>> ;; Got answer: > > >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 > > >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 > > >>> > > >>> ;; OPT PSEUDOSECTION: > > >>> ; EDNS: version: 0, flags:; udp: 512 > > >>> ;; QUESTION SECTION: > > >>> ;vbooter.org.INNS > > >>> > > >>> ;; ANSWER SECTION: > > >>> vbooter.org.21599INNSrick.ns.cloudflare.com. > > >>> vbooter.org.21599INNSamy.ns.cloudflare.com. > > >>> > > >>> dig -t a www.vbooter.org > > >>> > > >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org > > >>> ;; global options: +cmd > > >>> ;; Got answer: > > >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 > > >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 > > >>> > > >>> ;; OPT PSEUDOSECTION: > > >>> ; EDNS: version: 0, flags:; udp: 512 > > >>> ;; QUESTION SECTION: > > >>> ;www.vbooter.org.INA > > >>> > > >>> ;; ANSWER SECTION: > > >>> www.vbooter.org.299INCNAMEvbooter.org. > > >>> vbooter.org.299INA104.28.13.7 > > >>> vbooter.org.299INA104.28.12.7 > > >>> > > >>> > > >>> Can anyone from cloudflare answer me why this fits with your > business > > >> model? > > >>> > > >>> Mike- > > >> > > >> > > > > > > > -- > Regards, > Paras > > President > ProTraf Solutions, LLC > Enterprise DDoS Mitigation >
Re: cloudflare hosting a ddos service?
A five minute Google search revealed this, which is just the tip of the iceberg booter.xyz exitus.to zstress.net critical-boot.com instress.club webstresser.co anonymousstresser.com rawdos.com kronosbooter.com alphastress.com synergy.so str3ssed.me layer7.pw There are probably hundreds On Tue, Jul 26, 2016 at 10:33 PM, Paras Jha wrote: > This is quite common, almost all of the DDoS-for-hire services are hosted > behind CloudFlare, and a great majority of them take PayPal. Another one > had even managed to secure an EV SSL cert. > > On Tue, Jul 26, 2016 at 10:24 PM, Dovid Bender > wrote: > >> I used to have a boss that was convinced that MCafee was writing viruses >> to stay in business >> >> Regards, >> >> Dovid >> >> -Original Message- >> From: Phil Rosenthal >> Sender: "NANOG" Date: Tue, 26 Jul 2016 22:17:53 >> To: jim deleskie >> Cc: NANOG list >> Subject: Re: cloudflare hosting a ddos service? >> >> Plus, it’s good for business! >> >> -Phil >> >> > On Jul 26, 2016, at 10:14 PM, jim deleskie wrote: >> > >> > sigh... >> > >> > On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore > > >> > wrote: >> > >> >> CloudFlare will claim they are not hosting the problem. They are just >> >> hosting the web page that lets you pay for or points at or otherwise >> >> directs you to the problem. >> >> >> >> The actual source of packets is some other IP address. Therefore, they >> can >> >> keep hosting the web page. It is not sending the actual >> >> [spam|DDoS|hack|etc.], right? So stop asking them to do something >> about it! >> >> >> >> Whether you think that is the proper way to provide service on the >> >> Internet is left as an exercise to the reader. >> >> >> >> -- >> >> TTFN, >> >> patrick >> >> >> >>> On Jul 26, 2016, at 9:49 PM, Mike >> wrote: >> >>> >> >>> Hi, >> >>> >> >>> So vbooter.org's dns and web is hosted by cloudflare? >> >>> >> >>> "Using vBooter you can take down home internet connections, websites >> and >> >> game servers such us Minecraft, XBOX Live, PSN and many more." >> >>> >> >>> dig -t ns vbooter.org >> >>> >> >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org >> >>> ;; global options: +cmd >> >>> ;; Got answer: >> >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 >> >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 >> >>> >> >>> ;; OPT PSEUDOSECTION: >> >>> ; EDNS: version: 0, flags:; udp: 512 >> >>> ;; QUESTION SECTION: >> >>> ;vbooter.org.INNS >> >>> >> >>> ;; ANSWER SECTION: >> >>> vbooter.org.21599INNSrick.ns.cloudflare.com. >> >>> vbooter.org.21599INNSamy.ns.cloudflare.com. >> >>> >> >>> dig -t a www.vbooter.org >> >>> >> >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org >> >>> ;; global options: +cmd >> >>> ;; Got answer: >> >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 >> >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 >> >>> >> >>> ;; OPT PSEUDOSECTION: >> >>> ; EDNS: version: 0, flags:; udp: 512 >> >>> ;; QUESTION SECTION: >> >>> ;www.vbooter.org.INA >> >>> >> >>> ;; ANSWER SECTION: >> >>> www.vbooter.org.299INCNAMEvbooter.org. >> >>> vbooter.org.299INA104.28.13.7 >> >>> vbooter.org.299INA104.28.12.7 >> >>> >> >>> >> >>> Can anyone from cloudflare answer me why this fits with your >> business >> >> model? >> >>> >> >>> Mike- >> >> >> >> >> >> > > > -- > Regards, > Paras > > President > ProTraf Solutions, LLC > Enterprise DDoS Mitigation > -- Regards, Paras President ProTraf Solutions, LLC Enterprise DDoS Mitigation
Re: cloudflare hosting a ddos service?
On 7/26/2016 21:19, jim deleskie wrote: Back in the day didn't we refer to such hosting as bulletproof hosting? Not HERE! NANA-E, sure. -- "Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid." --Albert Einstein From Larry's Cox account.
Re: cloudflare hosting a ddos service?
> On Jul 26, 2016, at 7:15 PM, Mehmet Akcin wrote: > > Have you tried to contact their Abuse?. For a long time their abuse@ alias was (literally) routed to /dev/null. I'm not sure whether that's still the case or whether they now ignore reports manually. Cheers, Steve > > mehmet > > On Tue, Jul 26, 2016 at 6:49 PM, Mike wrote: > >> Hi, >> >>So vbooter.org's dns and web is hosted by cloudflare? >> >> "Using vBooter you can take down home internet connections, websites and >> game servers such us Minecraft, XBOX Live, PSN and many more." >> >>dig -t ns vbooter.org >> >> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org >> ;; global options: +cmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 >> >> ;; OPT PSEUDOSECTION: >> ; EDNS: version: 0, flags:; udp: 512 >> ;; QUESTION SECTION: >> ;vbooter.org.INNS >> >> ;; ANSWER SECTION: >> vbooter.org.21599INNSrick.ns.cloudflare.com. >> vbooter.org.21599INNSamy.ns.cloudflare.com. >> >> dig -t a www.vbooter.org >> >> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org >> ;; global options: +cmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 >> >> ;; OPT PSEUDOSECTION: >> ; EDNS: version: 0, flags:; udp: 512 >> ;; QUESTION SECTION: >> ;www.vbooter.org.INA >> >> ;; ANSWER SECTION: >> www.vbooter.org.299INCNAMEvbooter.org. >> vbooter.org.299INA104.28.13.7 >> vbooter.org.299INA104.28.12.7 >> >> >>Can anyone from cloudflare answer me why this fits with your business >> model? >> >> Mike- >> >>
Re: cloudflare hosting a ddos service?
So vbooter.org's dns and web is hosted by cloudflare? "Using vBooter you can take down home internet connections, websites and game servers such us Minecraft, XBOX Live, PSN and many more." Buy some time on it to DDoS cloudflare sites.
Re: cloudflare hosting a ddos service?
This is quite common, almost all of the DDoS-for-hire services are hosted behind CloudFlare, and a great majority of them take PayPal. Another one had even managed to secure an EV SSL cert. On Tue, Jul 26, 2016 at 10:24 PM, Dovid Bender wrote: > I used to have a boss that was convinced that MCafee was writing viruses > to stay in business > > Regards, > > Dovid > > -Original Message- > From: Phil Rosenthal > Sender: "NANOG" Date: Tue, 26 Jul 2016 22:17:53 > To: jim deleskie > Cc: NANOG list > Subject: Re: cloudflare hosting a ddos service? > > Plus, it’s good for business! > > -Phil > > > On Jul 26, 2016, at 10:14 PM, jim deleskie wrote: > > > > sigh... > > > > On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore > > wrote: > > > >> CloudFlare will claim they are not hosting the problem. They are just > >> hosting the web page that lets you pay for or points at or otherwise > >> directs you to the problem. > >> > >> The actual source of packets is some other IP address. Therefore, they > can > >> keep hosting the web page. It is not sending the actual > >> [spam|DDoS|hack|etc.], right? So stop asking them to do something about > it! > >> > >> Whether you think that is the proper way to provide service on the > >> Internet is left as an exercise to the reader. > >> > >> -- > >> TTFN, > >> patrick > >> > >>> On Jul 26, 2016, at 9:49 PM, Mike > wrote: > >>> > >>> Hi, > >>> > >>> So vbooter.org's dns and web is hosted by cloudflare? > >>> > >>> "Using vBooter you can take down home internet connections, websites > and > >> game servers such us Minecraft, XBOX Live, PSN and many more." > >>> > >>> dig -t ns vbooter.org > >>> > >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org > >>> ;; global options: +cmd > >>> ;; Got answer: > >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 > >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 > >>> > >>> ;; OPT PSEUDOSECTION: > >>> ; EDNS: version: 0, flags:; udp: 512 > >>> ;; QUESTION SECTION: > >>> ;vbooter.org.INNS > >>> > >>> ;; ANSWER SECTION: > >>> vbooter.org.21599INNSrick.ns.cloudflare.com. > >>> vbooter.org.21599INNSamy.ns.cloudflare.com. > >>> > >>> dig -t a www.vbooter.org > >>> > >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org > >>> ;; global options: +cmd > >>> ;; Got answer: > >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 > >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 > >>> > >>> ;; OPT PSEUDOSECTION: > >>> ; EDNS: version: 0, flags:; udp: 512 > >>> ;; QUESTION SECTION: > >>> ;www.vbooter.org.INA > >>> > >>> ;; ANSWER SECTION: > >>> www.vbooter.org.299INCNAMEvbooter.org. > >>> vbooter.org.299INA104.28.13.7 > >>> vbooter.org.299INA104.28.12.7 > >>> > >>> > >>> Can anyone from cloudflare answer me why this fits with your business > >> model? > >>> > >>> Mike- > >> > >> > > -- Regards, Paras President ProTraf Solutions, LLC Enterprise DDoS Mitigation
Re: cloudflare hosting a ddos service?
I used to have a boss that was convinced that MCafee was writing viruses to stay in business Regards, Dovid -Original Message- From: Phil Rosenthal Sender: "NANOG" Date: Tue, 26 Jul 2016 22:17:53 To: jim deleskie Cc: NANOG list Subject: Re: cloudflare hosting a ddos service? Plus, it’s good for business! -Phil > On Jul 26, 2016, at 10:14 PM, jim deleskie wrote: > > sigh... > > On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore > wrote: > >> CloudFlare will claim they are not hosting the problem. They are just >> hosting the web page that lets you pay for or points at or otherwise >> directs you to the problem. >> >> The actual source of packets is some other IP address. Therefore, they can >> keep hosting the web page. It is not sending the actual >> [spam|DDoS|hack|etc.], right? So stop asking them to do something about it! >> >> Whether you think that is the proper way to provide service on the >> Internet is left as an exercise to the reader. >> >> -- >> TTFN, >> patrick >> >>> On Jul 26, 2016, at 9:49 PM, Mike wrote: >>> >>> Hi, >>> >>> So vbooter.org's dns and web is hosted by cloudflare? >>> >>> "Using vBooter you can take down home internet connections, websites and >> game servers such us Minecraft, XBOX Live, PSN and many more." >>> >>> dig -t ns vbooter.org >>> >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org >>> ;; global options: +cmd >>> ;; Got answer: >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 >>> >>> ;; OPT PSEUDOSECTION: >>> ; EDNS: version: 0, flags:; udp: 512 >>> ;; QUESTION SECTION: >>> ;vbooter.org.INNS >>> >>> ;; ANSWER SECTION: >>> vbooter.org.21599INNSrick.ns.cloudflare.com. >>> vbooter.org.21599INNSamy.ns.cloudflare.com. >>> >>> dig -t a www.vbooter.org >>> >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org >>> ;; global options: +cmd >>> ;; Got answer: >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 >>> >>> ;; OPT PSEUDOSECTION: >>> ; EDNS: version: 0, flags:; udp: 512 >>> ;; QUESTION SECTION: >>> ;www.vbooter.org.INA >>> >>> ;; ANSWER SECTION: >>> www.vbooter.org.299INCNAMEvbooter.org. >>> vbooter.org.299INA104.28.13.7 >>> vbooter.org.299INA104.28.12.7 >>> >>> >>> Can anyone from cloudflare answer me why this fits with your business >> model? >>> >>> Mike- >> >>
Re: cloudflare hosting a ddos service?
Back in the day didn't we refer to such hosting as bulletproof hosting? On Tue, Jul 26, 2016 at 11:17 PM, Phil Rosenthal wrote: > Plus, it’s good for business! > > -Phil > > > On Jul 26, 2016, at 10:14 PM, jim deleskie wrote: > > > > sigh... > > > > On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore > > wrote: > > > >> CloudFlare will claim they are not hosting the problem. They are just > >> hosting the web page that lets you pay for or points at or otherwise > >> directs you to the problem. > >> > >> The actual source of packets is some other IP address. Therefore, they > can > >> keep hosting the web page. It is not sending the actual > >> [spam|DDoS|hack|etc.], right? So stop asking them to do something about > it! > >> > >> Whether you think that is the proper way to provide service on the > >> Internet is left as an exercise to the reader. > >> > >> -- > >> TTFN, > >> patrick > >> > >>> On Jul 26, 2016, at 9:49 PM, Mike > wrote: > >>> > >>> Hi, > >>> > >>> So vbooter.org's dns and web is hosted by cloudflare? > >>> > >>> "Using vBooter you can take down home internet connections, websites > and > >> game servers such us Minecraft, XBOX Live, PSN and many more." > >>> > >>> dig -t ns vbooter.org > >>> > >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org > >>> ;; global options: +cmd > >>> ;; Got answer: > >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 > >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 > >>> > >>> ;; OPT PSEUDOSECTION: > >>> ; EDNS: version: 0, flags:; udp: 512 > >>> ;; QUESTION SECTION: > >>> ;vbooter.org.INNS > >>> > >>> ;; ANSWER SECTION: > >>> vbooter.org.21599INNSrick.ns.cloudflare.com. > >>> vbooter.org.21599INNSamy.ns.cloudflare.com. > >>> > >>> dig -t a www.vbooter.org > >>> > >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org > >>> ;; global options: +cmd > >>> ;; Got answer: > >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 > >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 > >>> > >>> ;; OPT PSEUDOSECTION: > >>> ; EDNS: version: 0, flags:; udp: 512 > >>> ;; QUESTION SECTION: > >>> ;www.vbooter.org.INA > >>> > >>> ;; ANSWER SECTION: > >>> www.vbooter.org.299INCNAMEvbooter.org. > >>> vbooter.org.299INA104.28.13.7 > >>> vbooter.org.299INA104.28.12.7 > >>> > >>> > >>> Can anyone from cloudflare answer me why this fits with your business > >> model? > >>> > >>> Mike- > >> > >> > >
Re: cloudflare hosting a ddos service?
Plus, it’s good for business! -Phil > On Jul 26, 2016, at 10:14 PM, jim deleskie wrote: > > sigh... > > On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore > wrote: > >> CloudFlare will claim they are not hosting the problem. They are just >> hosting the web page that lets you pay for or points at or otherwise >> directs you to the problem. >> >> The actual source of packets is some other IP address. Therefore, they can >> keep hosting the web page. It is not sending the actual >> [spam|DDoS|hack|etc.], right? So stop asking them to do something about it! >> >> Whether you think that is the proper way to provide service on the >> Internet is left as an exercise to the reader. >> >> -- >> TTFN, >> patrick >> >>> On Jul 26, 2016, at 9:49 PM, Mike wrote: >>> >>> Hi, >>> >>> So vbooter.org's dns and web is hosted by cloudflare? >>> >>> "Using vBooter you can take down home internet connections, websites and >> game servers such us Minecraft, XBOX Live, PSN and many more." >>> >>> dig -t ns vbooter.org >>> >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org >>> ;; global options: +cmd >>> ;; Got answer: >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 >>> >>> ;; OPT PSEUDOSECTION: >>> ; EDNS: version: 0, flags:; udp: 512 >>> ;; QUESTION SECTION: >>> ;vbooter.org.INNS >>> >>> ;; ANSWER SECTION: >>> vbooter.org.21599INNSrick.ns.cloudflare.com. >>> vbooter.org.21599INNSamy.ns.cloudflare.com. >>> >>> dig -t a www.vbooter.org >>> >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org >>> ;; global options: +cmd >>> ;; Got answer: >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 >>> >>> ;; OPT PSEUDOSECTION: >>> ; EDNS: version: 0, flags:; udp: 512 >>> ;; QUESTION SECTION: >>> ;www.vbooter.org.INA >>> >>> ;; ANSWER SECTION: >>> www.vbooter.org.299INCNAMEvbooter.org. >>> vbooter.org.299INA104.28.13.7 >>> vbooter.org.299INA104.28.12.7 >>> >>> >>> Can anyone from cloudflare answer me why this fits with your business >> model? >>> >>> Mike- >> >>
Re: cloudflare hosting a ddos service?
Have you tried to contact their Abuse?. mehmet On Tue, Jul 26, 2016 at 6:49 PM, Mike wrote: > Hi, > > So vbooter.org's dns and web is hosted by cloudflare? > > "Using vBooter you can take down home internet connections, websites and > game servers such us Minecraft, XBOX Live, PSN and many more." > > dig -t ns vbooter.org > > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 512 > ;; QUESTION SECTION: > ;vbooter.org.INNS > > ;; ANSWER SECTION: > vbooter.org.21599INNSrick.ns.cloudflare.com. > vbooter.org.21599INNSamy.ns.cloudflare.com. > > dig -t a www.vbooter.org > > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 512 > ;; QUESTION SECTION: > ;www.vbooter.org.INA > > ;; ANSWER SECTION: > www.vbooter.org.299INCNAMEvbooter.org. > vbooter.org.299INA104.28.13.7 > vbooter.org.299INA104.28.12.7 > > > Can anyone from cloudflare answer me why this fits with your business > model? > > Mike- > >
Re: cloudflare hosting a ddos service?
sigh... On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore wrote: > CloudFlare will claim they are not hosting the problem. They are just > hosting the web page that lets you pay for or points at or otherwise > directs you to the problem. > > The actual source of packets is some other IP address. Therefore, they can > keep hosting the web page. It is not sending the actual > [spam|DDoS|hack|etc.], right? So stop asking them to do something about it! > > Whether you think that is the proper way to provide service on the > Internet is left as an exercise to the reader. > > -- > TTFN, > patrick > > > On Jul 26, 2016, at 9:49 PM, Mike wrote: > > > > Hi, > > > >So vbooter.org's dns and web is hosted by cloudflare? > > > > "Using vBooter you can take down home internet connections, websites and > game servers such us Minecraft, XBOX Live, PSN and many more." > > > >dig -t ns vbooter.org > > > > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org > > ;; global options: +cmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 > > > > ;; OPT PSEUDOSECTION: > > ; EDNS: version: 0, flags:; udp: 512 > > ;; QUESTION SECTION: > > ;vbooter.org.INNS > > > > ;; ANSWER SECTION: > > vbooter.org.21599INNSrick.ns.cloudflare.com. > > vbooter.org.21599INNSamy.ns.cloudflare.com. > > > > dig -t a www.vbooter.org > > > > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org > > ;; global options: +cmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 > > > > ;; OPT PSEUDOSECTION: > > ; EDNS: version: 0, flags:; udp: 512 > > ;; QUESTION SECTION: > > ;www.vbooter.org.INA > > > > ;; ANSWER SECTION: > > www.vbooter.org.299INCNAMEvbooter.org. > > vbooter.org.299INA104.28.13.7 > > vbooter.org.299INA104.28.12.7 > > > > > >Can anyone from cloudflare answer me why this fits with your business > model? > > > > Mike- > >
Re: cloudflare hosting a ddos service?
CloudFlare will claim they are not hosting the problem. They are just hosting the web page that lets you pay for or points at or otherwise directs you to the problem. The actual source of packets is some other IP address. Therefore, they can keep hosting the web page. It is not sending the actual [spam|DDoS|hack|etc.], right? So stop asking them to do something about it! Whether you think that is the proper way to provide service on the Internet is left as an exercise to the reader. -- TTFN, patrick > On Jul 26, 2016, at 9:49 PM, Mike wrote: > > Hi, > >So vbooter.org's dns and web is hosted by cloudflare? > > "Using vBooter you can take down home internet connections, websites and game > servers such us Minecraft, XBOX Live, PSN and many more." > >dig -t ns vbooter.org > > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 512 > ;; QUESTION SECTION: > ;vbooter.org.INNS > > ;; ANSWER SECTION: > vbooter.org.21599INNSrick.ns.cloudflare.com. > vbooter.org.21599INNSamy.ns.cloudflare.com. > > dig -t a www.vbooter.org > > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 512 > ;; QUESTION SECTION: > ;www.vbooter.org.INA > > ;; ANSWER SECTION: > www.vbooter.org.299INCNAMEvbooter.org. > vbooter.org.299INA104.28.13.7 > vbooter.org.299INA104.28.12.7 > > >Can anyone from cloudflare answer me why this fits with your business > model? > > Mike-
cloudflare hosting a ddos service?
Hi, So vbooter.org's dns and web is hosted by cloudflare? "Using vBooter you can take down home internet connections, websites and game servers such us Minecraft, XBOX Live, PSN and many more." dig -t ns vbooter.org ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;vbooter.org.INNS ;; ANSWER SECTION: vbooter.org.21599INNSrick.ns.cloudflare.com. vbooter.org.21599INNSamy.ns.cloudflare.com. dig -t a www.vbooter.org ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;www.vbooter.org.INA ;; ANSWER SECTION: www.vbooter.org.299INCNAMEvbooter.org. vbooter.org.299INA104.28.13.7 vbooter.org.299INA104.28.12.7 Can anyone from cloudflare answer me why this fits with your business model? Mike-
Re: I recommend dslreports.com/speedtest these days (was Speedtest.net not accessible in Chrome due to deceptive ads)
Some additional comments from Dave Taht, who does not subscribe to the nanog list. Also note the early WiFi results, which are spectacular. Your customers will have bufferbloat both due to the ISP, and due to the WiFi hop that is usually between them and their home router. Unfortunately, it's going to take years for the WiFi fixes to percolate through the ecosystem, which is very dysfunctional (it's taken about 4 years to see Docsis 3.1 modems, which are only now appearing). - Jim If you would like to see a plot of all the millions of samples dslreports collected to date on the endemic bufferbloat along the edge of the internet, as well as breakdowns by ISPs, see: uploads: http://www.dslreports.com/speedtest/results/bufferbloat?up=1 downloads: http://www.dslreports.com/speedtest/results/bufferbloat And look at the sea of stuff with latencies measured in the hundreds of ms... and get up off your ass and do something about it on your networks. It's easy now. The algorithms we've developed to fix it (fq_codel, pie) are in bsd, and linux now; the ietf drafts are complete. These algorithms can move induced latencies to well below 30ms in most cases, on ethernet, dsl, cable, and fiber. fq_codel has been out there since 2012. A goodly percentage of linux distros now defaults to fq_codel, but doing up the chokepoints right involves replacing old shapers and policers with these algorithms, additionally. See the "sqm-scripts" for how. ... side note ... Fixing wifi with similar stuff has proven *very* difficult, but we've made quite a bit of progress lately in the ath10k and ath9k chipsets, that is not quite ready for prime time: pretty exciting summary, here: https://blog.tohojo.dk/2016/06/fixing-the-wifi-performance-anomaly-on-ath9k.html On Fri, Jul 22, 2016 at 4:31 PM, Jim Gettys wrote: > > > On Fri, Jul 22, 2016 at 4:18 PM, Baldur Norddahl < > baldur.nordd...@gmail.com> wrote: > >> Den 22. jul. 2016 21.34 skrev "Jim Gettys" : >> > >> > >> > So it is entirely appropriate in my view to give even "high speed" >> > connections low grades; it's telling you that they suck under load >> > , like when your kid is downloading a video (or uploading one for their >> > friends); your performance (e.g. web surfing) can go to hell in a >> > hand-basket despite having a lot of bandwidth on the >> > connection. For most use, I'll take a 20Mbps link without bloat to a >> > 200Mbps one with a half second of bloat any >> > >> > day. >> > >> >> I will expect that high speed links will have little bloat simply because >> even large buffers empty quite fast. >> > > Unfortunately, that is often/usually not the case. > > The buffering has typically scaled up as fast/faster than the bandwidth > has, in my observation. You can have as much/more bloat on a higher > bandwidth line as a low bandwidth line. > > That's why I always refer to buffering in seconds, not bytes, unless I'm > trying to understand how the identical equipment will behave at differing > bandwidths. > > The worst is usually someone taking modern equipment and then running it > at low speed: e.g. a gigabit switch being used at 100Mbps will generally be > 10x worse than the old equipment it replaces (at best). > > - Jim > >
Re: Clueful BGP from TW-Telecom/L3
Last I dealt with TW Telecom and BGP we had to explain to them that putting in a static route on both routers on top of BGP was not desired. Then they reconfigured a circuit 30 miles away when trying to turn it up again causing an outage in our data center. Sorry, not super hopeful when it comes to TW Telecom. Micah On Mon, Jul 25, 2016 at 8:51 PM, Scott Morris wrote: > Is there per chance anyone hanging on here who is clueful about BGP > working with TW-Telecom and the recent integration with Level3 > > I have a client that I consult with whose route is not getting sent from > TW to L3 and the techs on the case are convinced we need to put different > BGP communities in (both to TW link and other provider link) which of > course we are putting in to satisfy them, but magically it is not working. > This SHOULD be an easy thing to figure out using the Looking Glass servers > within both TW and Level3, but this concept is lost on techs we are dealing > with. > > Anyone internal there who can contact me off-list would be greatly > appreciated! > > Scott > s...@emanon.com > > > >