cloudflare hosting a ddos service?
Eric Kuhnke
eric.kuhnke at gmail.com
Wed Jul 27 02:50:41 UTC 2016
Looks like barrier to obtaining an EV SSL certificate is not very high
these days.
There's documentation requirements, but root CAs can't be seen to
discriminate against companies in the developing world. I suppose all you
need is a scanned business license/incorporation documents from your local
municipality in Outer Elbonia, and a few scanned copies of fake ID, and
your $99 payment for the first year.
On Tue, Jul 26, 2016 at 7:33 PM, Paras Jha <paras at protrafsolutions.com>
wrote:
> This is quite common, almost all of the DDoS-for-hire services are hosted
> behind CloudFlare, and a great majority of them take PayPal. Another one
> had even managed to secure an EV SSL cert.
>
> On Tue, Jul 26, 2016 at 10:24 PM, Dovid Bender <dovid at telecurve.com>
> wrote:
>
> > I used to have a boss that was convinced that MCafee was writing viruses
> > to stay in business....
> >
> > Regards,
> >
> > Dovid
> >
> > -----Original Message-----
> > From: Phil Rosenthal <pr at isprime.com>
> > Sender: "NANOG" <nanog-bounces at nanog.org>Date: Tue, 26 Jul 2016 22:17:53
> > To: jim deleskie<deleskie at gmail.com>
> > Cc: NANOG list<nanog at nanog.org>
> > Subject: Re: cloudflare hosting a ddos service?
> >
> > Plus, it’s good for business!
> >
> > -Phil
> >
> > > On Jul 26, 2016, at 10:14 PM, jim deleskie <deleskie at gmail.com> wrote:
> > >
> > > sigh...
> > >
> > > On Tue, Jul 26, 2016 at 10:55 PM, Patrick W. Gilmore <
> patrick at ianai.net>
> > > wrote:
> > >
> > >> CloudFlare will claim they are not hosting the problem. They are just
> > >> hosting the web page that lets you pay for or points at or otherwise
> > >> directs you to the problem.
> > >>
> > >> The actual source of packets is some other IP address. Therefore, they
> > can
> > >> keep hosting the web page. It is not sending the actual
> > >> [spam|DDoS|hack|etc.], right? So stop asking them to do something
> about
> > it!
> > >>
> > >> Whether you think that is the proper way to provide service on the
> > >> Internet is left as an exercise to the reader.
> > >>
> > >> --
> > >> TTFN,
> > >> patrick
> > >>
> > >>> On Jul 26, 2016, at 9:49 PM, Mike <mike-nanog at tiedyenetworks.com>
> > wrote:
> > >>>
> > >>> Hi,
> > >>>
> > >>> So vbooter.org's dns and web is hosted by cloudflare?
> > >>>
> > >>> "Using vBooter you can take down home internet connections, websites
> > and
> > >> game servers such us Minecraft, XBOX Live, PSN and many more."
> > >>>
> > >>> dig -t ns vbooter.org
> > >>>
> > >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t ns vbooter.org
> > >>> ;; global options: +cmd
> > >>> ;; Got answer:
> > >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62177
> > >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> > >>>
> > >>> ;; OPT PSEUDOSECTION:
> > >>> ; EDNS: version: 0, flags:; udp: 512
> > >>> ;; QUESTION SECTION:
> > >>> ;vbooter.org. IN NS
> > >>>
> > >>> ;; ANSWER SECTION:
> > >>> vbooter.org. 21599 IN NS rick.ns.cloudflare.com.
> > >>> vbooter.org. 21599 IN NS amy.ns.cloudflare.com.
> > >>>
> > >>> dig -t a www.vbooter.org
> > >>>
> > >>> ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> -t a www.vbooter.org
> > >>> ;; global options: +cmd
> > >>> ;; Got answer:
> > >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920
> > >>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
> > >>>
> > >>> ;; OPT PSEUDOSECTION:
> > >>> ; EDNS: version: 0, flags:; udp: 512
> > >>> ;; QUESTION SECTION:
> > >>> ;www.vbooter.org. IN A
> > >>>
> > >>> ;; ANSWER SECTION:
> > >>> www.vbooter.org. 299 IN CNAME vbooter.org.
> > >>> vbooter.org. 299 IN A 104.28.13.7
> > >>> vbooter.org. 299 IN A 104.28.12.7
> > >>>
> > >>>
> > >>> Can anyone from cloudflare answer me why this fits with your
> business
> > >> model?
> > >>>
> > >>> Mike-
> > >>
> > >>
> >
> >
>
>
> --
> Regards,
> Paras
>
> President
> ProTraf Solutions, LLC
> Enterprise DDoS Mitigation
>
More information about the NANOG
mailing list