Re: Netflix VPN detection - actual engineer needed

2016-06-06 Thread Chris Baker 
No need to speculate some details are available ...
http://www.michaelgeist.ca/2015/04/nobodys-perfect-leaked-contract-reveals-sony-requires-netflix-to-geo-block-but-acknowledges-technology-is-imperfect/
And thats just for a single content provider ...

On Mon, Jun 6, 2016 at 11:55 AM, Livingood, Jason <
jason_living...@comcast.com> wrote:

> On 6/5/16, 7:11 PM, "NANOG on behalf of Christopher Morrow"
>  wrote:
>
> >I dislike the IP folks as much as anyone, but :( flix has to make a
> >good-faith-effort or they'll lose content sources, I suspect.
>
> Perhaps so. And now that they are an original content creator as well, and
> making large investments to do so, that may also be a factor as they work
> to maximize distribution revenues.
>
> Jason
>
>

Re: Ransom DDoS attack - need help!

2015-12-03 Thread Chris Baker 
Can you provide some additional details? Is it someone claiming association
with a known group like DD4BC or the Armada Collective or unbranded?

Cheers,
CBaker


On Thu, Dec 3, 2015 at 9:54 AM, Josh Reynolds  wrote:

> Sounds like lizardSquad may be at it again
> On Dec 3, 2015 8:53 AM, "halp us"  wrote:
>
> > All,
> >
> > I've been a NANOG member for many years but I'm emailing from an
> anonymous
> > account to reduce the chance of the attackers finding me.
> >
> > A company that shall remain anonymous has received a ransom DDoS note
> from
> > a very well known group that has been in the news lately. Recently
> they've
> > threatened to carry out a major DDoS attack if they are not paid by a
> > deadline which is approaching. They've performed an attack of a smaller
> > magnitude to prove that they're serious.
> >
> > Based on certain details that I can't reveal here, we believe the
> magnitude
> > of the upcoming attack may be in the several hundred Gbps.
> >
> > I would really appreciate help in a few areas (primarily with certain
> > provider contacts/intros) so we can execute our strategy (which I can't
> > reveal here for obvious reasons). If you email me off-list with a
> > name/email that you've previously used on-list, I will reply from my real
> > email.
> >
> > Alternatively, if you can post your experiences on-list with large scale
> > high profile ransom DDoS attacks, I'd really appreciate it!
> >
> > Thanks
> >
>

Re: Ransom DDoS attack - need help!

2015-12-03 Thread Chris Baker 
OSINT has a plethora of detail available:

http://www.reuters.com/article/2015/11/30/greece-banks-idUSL8N13P5B420151130
http://www.ibtimes.co.uk/armada-collective-who-are-hackers-extorting-bitcoin-ransoms-what-can-we-do-1528253
http://www.bloomberg.com/news/articles/2015-09-09/bitcoin-ddos-ransom-demands-raise-dd4bc-profile

On Thu, Dec 3, 2015 at 10:04 AM, Josh Reynolds <j...@kyneticwifi.com> wrote:

> None of those names you just mentioned have made the international news.
> On Dec 3, 2015 8:59 AM, "Chris Baker" <cba...@dyn.com> wrote:
>
>> Can you provide some additional details? Is it someone claiming
>> association with a known group like DD4BC or the Armada Collective or
>> unbranded?
>>
>> Cheers,
>> CBaker
>>
>>
>> On Thu, Dec 3, 2015 at 9:54 AM, Josh Reynolds <j...@kyneticwifi.com>
>> wrote:
>>
>>> Sounds like lizardSquad may be at it again
>>> On Dec 3, 2015 8:53 AM, "halp us" <throwaway1958...@gmail.com> wrote:
>>>
>>> > All,
>>> >
>>> > I've been a NANOG member for many years but I'm emailing from an
>>> anonymous
>>> > account to reduce the chance of the attackers finding me.
>>> >
>>> > A company that shall remain anonymous has received a ransom DDoS note
>>> from
>>> > a very well known group that has been in the news lately. Recently
>>> they've
>>> > threatened to carry out a major DDoS attack if they are not paid by a
>>> > deadline which is approaching. They've performed an attack of a smaller
>>> > magnitude to prove that they're serious.
>>> >
>>> > Based on certain details that I can't reveal here, we believe the
>>> magnitude
>>> > of the upcoming attack may be in the several hundred Gbps.
>>> >
>>> > I would really appreciate help in a few areas (primarily with certain
>>> > provider contacts/intros) so we can execute our strategy (which I can't
>>> > reveal here for obvious reasons). If you email me off-list with a
>>> > name/email that you've previously used on-list, I will reply from my
>>> real
>>> > email.
>>> >
>>> > Alternatively, if you can post your experiences on-list with large
>>> scale
>>> > high profile ransom DDoS attacks, I'd really appreciate it!
>>> >
>>> > Thanks
>>> >
>>>
>>
>>