Hi folks,
A friend forward me your topic about Booters and CloudFlare. Then I
decided to join the NANOG list. The *answer* for the first question
about CloudFlare and Booters is at:
https://www.youtube.com/watch?v=wW5vJyI_HcU (minute 45:55) given by the
_CloudFlare CEO_ in the blackhat2013.
Hi Jair,
This list is really interesting.
>From just a preliminary test, more than half of these domains are hiding
behind Cloudflare, and OVH has a sizable fraction too. I suppose it's
inevitable, given that both are known for having non-existent abuse
departments.
Regards
On Wed, Jul 27, 2016
> From just a preliminary test, more than half of these domains are
> hiding behind Cloudflare, and OVH has a sizable fraction too.
you mean are using cloudflare and ovh services.
> I suppose it's inevitable, given that both are known for having
> non-existent abuse departments.
as the OP made p
Hi Justin,
I have submitted abuse reports in the past, maybe from 2014 - 2015, but I
gave up after I consistently did not even get replies and saw no action
being taken. It is the same behavior with other providers who host malware
knowingly. I appreciate you coming out onto the list though, it's
Hi Randy,
I've found the vast majority of large service providers to be very
receptive to abuse reports when they contain evidence and valid information.
Regards
Paras
On Wed, 27 Jul 2016, Paras Jha wrote:
> Hi Justin,
>
> I have submitted abuse reports in the past, maybe from 2014 - 2015, but I
> gave up after I consistently did not even get replies and saw no action
> being taken. It is the same behavior with other providers who host malware
> knowingly. I ap
Sent: Wednesday, July 27, 2016 8:56 AM
To: Paras Jha
Cc: NANOG list
Subject: Re: EVERYTHING about Booters (and CloudFlare)
> I suppose it's inevitable, given that both are known for having
> non-existent abuse departments.
as the OP made pretty clear, it's not a matter of an abu
, July 27, 2016 8:56 AM
> To: Paras Jha
> Cc: NANOG list
> Subject: Re: EVERYTHING about Booters (and CloudFlare)
>
> > I suppose it's inevitable, given that both are known for having
> > non-existent abuse departments.
>
> as the OP made pretty clear, it's not a matte
Den 27. jul. 2016 17.12 skrev "Steve Mikulasik" :
>
> Disclaimer: I have a ton of respect for Clouldflare and what they do on
the internet.
They just lost all respect from here. Would someone from USA please report
these guys to the feds? What they are doing is outright criminal.
Regards
Baldur
> On Jul 27, 2016, at 9:17 AM, Baldur Norddahl
> wrote:
>
> Den 27. jul. 2016 17.12 skrev "Steve Mikulasik" :
>>
>> Disclaimer: I have a ton of respect for Clouldflare and what they do on
> the internet.
>
> They just lost all respect from here. Would someone from USA please report
> these gu
On Wed, Jul 27, 2016 at 10:37:21AM -0400, Paras Jha wrote:
> From just a preliminary test, more than half of these domains are hiding
> behind Cloudflare, and OVH has a sizable fraction too. I suppose it's
> inevitable, given that both are known for having non-existent abuse
> departments.
Here's
On Wed, Jul 27, 2016 at 10:58 AM, Paras Jha
wrote:
> I consistently did not even get replies
This is a common 'complaint' point for abuse senders. I often wonder why.
What is a reply supposed to do or tell you?
Because replying admits knowledge and creates a papertrail thereof. Esp.
w.r.t. copyright infringement takedown notices etc.
(or also because said providers are innundated with such requests because they
don't actually care as it's all part of their profit centre.)
/kc
On Wed, Jul 27, 2016 at 0
This is why policy, as painful as it is to produce, is useful.
There isn't even general agreement on whether (or what!) Cloudfare is
doing is a problem.
Which is why interested parties need to get together and agree on some
sort of policy regarding this and similar things.
Or not and just let i
On Wed, 27 Jul 2016, b...@theworld.com wrote:
There isn't even general agreement on whether (or what!) Cloudfare is
doing is a problem.
aiding and abetting. at the very least willful negligence.
-Dan
* goe...@sasami.anime.net (Dan Hollis) [Wed 27 Jul 2016, 20:21 CEST]:
On Wed, 27 Jul 2016, b...@theworld.com wrote:
There isn't even general agreement on whether (or what!) Cloudfare
is doing is a problem.
aiding and abetting. at the very least willful negligence.
I hope the armchairs y'all
Hi Paras,
I covered the booter topic in a previous reply on a different (though
basically the same) thread. By "non-existent" you mean we are
processing thousands of reports per week. If you have something to
report you can certainly do so at cloudflare.com/abuse. We'd be more
than happy to proces
Law enforcement (US or international) knows how to contact us if they
have an inquiry to make. We also publish a Transparency
Report that covers those legal inquiries:
https://www.cloudflare.com/transparency/
Justin Paine
Head of Trust & Safety
CloudFlare Inc.
PGP: BBAA 6BCE 3305 7FD6
>From our side:
abuse@ reports generates an auto reply indicating where our reporting
form is located.
Reports at our reporting form generate an auto reply confirming we
received the report. All reports filed via the form are reviewed by a
human and at a minimum passed on to
the responsible host
On Wed, 27 Jul 2016 11:21:02 -0700, Dan Hollis said:
> On Wed, 27 Jul 2016, b...@theworld.com wrote:
> > There isn't even general agreement on whether (or what!) Cloudfare is
> > doing is a problem.
>
> aiding and abetting. at the very least willful negligence.
aiding and abetting of what, *exactl
In message <23235.1469666...@turing-police.cc.vt.edu>, valdis.kletni...@vt.edu
writes:
> On Wed, 27 Jul 2016 11:21:02 -0700, Dan Hollis said:
> > On Wed, 27 Jul 2016, b...@theworld.com wrote:
> > > There isn't even general agreement on whether (or what!) Cloudfare is
> > > doing is a problem.
> >
On Thu, 28 Jul 2016 10:48:47 +1000, Mark Andrews said:
> As soon as a transaction takes place, conspiricy to harm by
> . If the DoS actually occurs you can add additional charges for
> the actual actions.
If the claim is that a law has been broken, you have to show that is
actually a crime in
In message <31450.1469667...@turing-police.cc.vt.edu>, valdis.kletni...@vt.edu
writes:
> On Thu, 28 Jul 2016 10:48:47 +1000, Mark Andrews said:
>
> > As soon as a transaction takes place, conspiricy to harm by
> > . If the DoS actually occurs you can add additional charges for
> > the actual a
He's right, conspiracy to commit X is a valid criminal charge, at least in
the US. Conspiracy to commit fraud, theft, murder, racketeering, etc are
all "sister charges" of charges of ones actually carried out.
I am not a lawyer and I don't pretend to be, but I believe
> the gamer who ticked off another gamer and got DDoSed doesn't
> have the knowledge, time, or resources to file a claim that will actually
> accomplish anything, and nobody else can file the claim on their behalf.
I believe a class actio
> They just lost all respect from here. Would someone from USA please
> report these guys to the feds? What they are doing is outright
> criminal.
hyperbole. it is not criminal. you just don't happen to like it.
On 7/27/16 10:48 PM, Randy Bush wrote:
They just lost all respect from here. Would someone from USA please
report these guys to the feds? What they are doing is outright
criminal.
hyperbole. it is not criminal. you just don't happen to like it.
Actually, as someone pointed out, it might we
On Thu, Jul 28, 2016 at 3:55 AM, Miles Fidelman
wrote:
>
>
> On 7/27/16 10:48 PM, Randy Bush wrote:
>
>> They just lost all respect from here. Would someone from USA please
>>> report these guys to the feds? What they are doing is outright
>>> criminal.
>>>
>> hyperbole. it is not criminal. you
On Wed, 27 Jul 2016 22:55:54 -0400, Miles Fidelman said:
> On 7/27/16 10:48 PM, Randy Bush wrote:
> >> They just lost all respect from here. Would someone from USA please
> >> report these guys to the feds? What they are doing is outright
> >> criminal.
> > hyperbole. it is not criminal. you just
On 28 July 2016 at 11:30, wrote:
> In general, the conspiracy isn't criminal if the conspired act isn't
> criminal.
> If you're trying to make a criminal conspiracy out of non-criminal acts,
> your best bet is probably finding a new way to abuse the RICO statutes.
>
DDoS attacks using stolen res
On Thu, 28 Jul 2016 12:00:00 +0200, Baldur Norddahl said:
> DDoS attacks using stolen resources and fake identities is not legal
Are you making a blanket statement that covers all jurisdictions on
the planet?
For bonus points - is it more like "illegal as in murder", or "illegal
as in jaywalking
@Baldur
"They just lost all respect from here. Would someone from USA please report
these guys to the feds? What they are doing is outright criminal."
I'm happy to put you in touch with an FBI agent if you have questions
or concerns you'd like to discuss.
Justin Paine
Head of Trust
Well,
I do not think feeding the trolls is a good exercise for a
representative of any company that is taking this subject seriously.
Don't you think?
-
Alain Hebertaheb...@pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Be
Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of
valdis.kletni...@vt.edu
Sent: Thursday, July 28, 2016 4:30 AM
To: Miles Fidelman
Cc: nanog@nanog.org
Subject: Re: EVERYTHING about Booters (and CloudFlare)
On Wed, 27 Jul 2016 22:55:54 -0400, Miles Fidelman said:
> On 7/27/16
n the rightful owner for its
intended purposes.
Steven Naslund
Chicago IL
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of
valdis.kletni...@vt.edu
Sent: Thursday, July 28, 2016 4:30 AM
To: Miles Fidelman
Cc: nanog@nanog.org
Subject: Re: EVERYTHING about Booters
I'm sorry, but this entire discussion is predicated on half-truths and
nonsense spewing out of the CF team. It's a shame too, as they're
usually great community minded folks who are well respected around
here.
No matter how you define the CloudFlare service, that they can claim
ignorance due to "
Nothing is going to happen. Cloudflare will continue to turn a blind eye
towards abusive customers, and even downright allow customers to HTTP scan
from their network without batting an eyelash. The mere act of scanning
isn't illegal, but it shows the kind of mindset that they have.
On Wed, Jul 27, 2016 at 03:09:51PM +, Steve Mikulasik wrote:
> I am sure a lawyer would see it very differently, [...]
For what it's worth I agree, but I'm not an attorney (and neither
are most of us), so I'll write from the perspective of an operator.
The healthy functioning of the Internet
On Wednesday 27 July 2016 07:58:49 Paras Jha wrote:
> Hi Justin,
>
> I have submitted abuse reports in the past, maybe from 2014 - 2015, but I
> gave up after I consistently did not even get replies and saw no action
> being taken. It is the same behavior with other providers who host malware
> kn
Sigh, another long thread that goes nowhere in the end and simply dies a
dull dead. So let's add my 2ct donation into it.
First of all, CF like any other carrier/provider/hoster/whatever only
cares about the bucks, nothing else, you all do to, so that should be
clear enough. Them actually booting
On 7/28/16 11:04 AM, Paras Jha wrote:
Nothing is going to happen. Cloudflare will continue to turn a blind eye
towards abusive customers, and even downright allow customers to HTTP scan
from their network without batting an eyelash. The mere act of scanning
isn't illegal, but it shows the kind o
* mfidel...@meetinghouse.net (Miles Fidelman) [Thu 28 Jul 2016, 17:42 CEST]:
[...]
Now if Cloudflare were to actively suggest that folks use vBooter to
test systems, as a way to boost sales for Cloudflare - that would
certainly be an interesting test case for RICO
CloudFlare is doing nothing o
There are not international cyber crime laws because there is no international
law enforcement agency with the reach to enforce them and because most
countries like things like sovereignty. There is also an inherent conflict
between private citizen hacking and state sponsored hacking and the li
Miles is right. Their thinly veiled "stress tester" thing is not going to be
much of a defense. They must not have very good legal counsel. Here is the
issue. Stress testing is perfectly legal as long as I am:
a) Stress testing my own stuff
b) Stress testing your stuff WITH Y
Keep in mind also, the victims of these DDoS attacks do not know which "booter"
service was paid to attack them. The packets do not have "Stress test provided
by vBooter" in them. The attack packets do not come from the booter's or
Cloudflare's IP addresses, they come from secondary victims -- c
They don't discriminate, anyone can be a customer
https://www.youtube.com/watch?v=T4GfoSZ_sDc
great quote from the reporter "why do you need a court order to do the
right thing?"
On Thu, Jul 28, 2016 at 12:20 PM, Phil Rosenthal wrote:
> Keep in mind also, the victims of these DDoS attacks do no
It is not beyond the realm of law enforcement to run down the entire chain of
events all the way back to the “whodunit” and “howdunit”. It is pretty amazing
what they can figure out when they put their minds to it and don’t
underestimate what they can learn by getting someone in the hot seat un
Are you of the opinion that the victim of a DDoS attack who is not a
multi-billion-dollar corporation would actually receive help from the FBI as a
result of a DDoS attack?
In the past, I have been told that the dollar-threshold for the FBI to even
consider looking at a case was at least $2M in
;From: Phil Rosenthal [mailto:p...@isprime.com]
>Sent: Thursday, July 28, 2016 11:57 AM
>To: Naslund, Steve
>Cc: nanog@nanog.org
>Subject: Re: EVERYTHING about Booters (and CloudFlare)
>
>Are you of the opinion that the victim of a DDoS attack who is not a
>multi-billion-dollar co
The best analogy to real world would be to look at CloudFare as an arms dealer.
They don't start the war but they sure enable it. The governments probably
don't care who you sell arms to until their goat gets gored and then they are
coming for you. Believe me they have more than enough laws
On 7/28/16 11:56 AM, Niels Bakker wrote:
* mfidel...@meetinghouse.net (Miles Fidelman) [Thu 28 Jul 2016, 17:42
CEST]:
[...]
Now if Cloudflare were to actively suggest that folks use vBooter to
test systems, as a way to boost sales for Cloudflare - that would
certainly be an interesting test c
>> Actually, as someone pointed out, it might well be conspiracy - which
>> is criminal.
> looking forward to the court case, if it's really important it'll
> happen shortly, right?
we don't need no flippin' court. we can lynch 'em right here.
The difference between everyone posting here and for example the
intellectual property folks like RIAA is the latter has organization
and money.
As I said earlier one thing that organization and money has done is
defined, with some precision, where the boundaries are. It's a moving
target but tha
--- tknch...@gmail.com wrote:
They don't discriminate, anyone can be a customer
https://www.youtube.com/watch?v=T4GfoSZ_sDc
great quote from the reporter "why do you need a
court order to do the right thing?"
--
Holy crap that girl was painful to liste
>> They don't discriminate, anyone can be a customer
>> https://www.youtube.com/watch?v=T4GfoSZ_sDc
>
> Holy crap that girl was painful to listen to!
missed the girl. all i saw was prince and a fox 'news' woman. it was
pretty much like reading nanog.
randy
On 28 July 2016 at 19:27, chris wrote:
> They don't discriminate, anyone can be a customer
> https://www.youtube.com/watch?v=T4GfoSZ_sDc
>
> great quote from the reporter "why do you need a court order to do the
> right thing?"
Only failure here is accepting interview request from FOX. Who obviou
> great quote from the reporter "why do you need a court order to do the
> right thing?"
because i am not judge and jury. we leave that to network technicians.
randy
t;Cc: North American Network Operators' Group
>Subject: Re: EVERYTHING about Booters (and CloudFlare)
> great quote from the reporter "why do you need a court order to do the
> right thing?"
>because i am not judge and jury. we leave that to network technicians.
>randy
On Fri, 29 Jul 2016, Naslund, Steve wrote:
> What he said. If I am given a court order and follow it, I can't get sued
> when I knock you off the Internet.
>
> Steven Naslund
Because someone breaking AUPs and TOS is not enough. "Hey
I know you broke every rule in the book. Forget that for
now
On 29 Jul 2016, at 20:34, J. Oquendo wrote:
Because someone breaking AUPs and TOS is not enough.
The AUP, the TOS, and the RFP are the most powerful security tools any
network operator has at their disposal - assuming they've invested some
time and effort in crafting them, and in ensuring t
On Fri, Jul 29, 2016 at 08:58:23PM +0700, Roland Dobbins wrote:
> The AUP, the TOS, and the RFP are the most powerful security tools any
> network operator has at their disposal - assuming they've invested some time
> and effort in crafting them, and in ensuring they can be enforced.
This. A hund
61 matches
Mail list logo
