<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div dir="ltr">You find it hypocritical that they host booter services? I find it hypocritical (and criminal, if anyone could prove it more than laughably strong correlation) that Cloudflare sales reps had such an impressive knowledge of when sites were getting DDoSed that they could show up to offer service before the admin even knew the site was down.</div><div dir="ltr"><br></div><div dir="ltr">I’ll never give them a penny.</div><div dir="ltr"><br></div><div dir="ltr">Matt</div><div dir="ltr"><br><blockquote type="cite">On Oct 25, 2019, at 06:22, Mike <mike-nanog@tiedyenetworks.com> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div class="moz-cite-prefix">On 10/25/19 8:43 AM, Mike Hammett
wrote:<br>
</div>
<blockquote type="cite" cite="mid:1883709703.4915.1572018185208.JavaMail.mhammett@ThunderFuck">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div style="font-family: arial,helvetica,sans-serif; font-size:
10pt; color: #000000">Is the pricing any different if PNI or an
IX is used for the hand-off instead of GRE?
<div><br>
</div>
<div>DDoS-filtered transit is generally expensive, compared to
not-filtered transit.<br>
<br>
<div><span name="x"></span></div>
</div>
</div>
</blockquote>
<p><br>
</p>
<p>More expensive, by leaps and bounds. Don't know who could or
would possibly pay these prices but we're out for sure. <br>
</p>
<p><br>
</p>
<p>I just find it soooooo hypocritical that cloudflare actively
protects the very DDOS / Booter services that were being used to
order DDOS hits against our customer networks in the first place.
They have this to state:</p>
<p><br>
</p>
<p><a href="https://www.cloudflare.com/learning/ddos/ddos-attack-tools/ddos-booter-ip-stresser/">https://www.cloudflare.com/learning/ddos/ddos-attack-tools/ddos-booter-ip-stresser/</a></p>
<p>
</p><blockquote type="cite">
<h2 class="learning-content-h2" itemprop="headline" style="box-sizing: border-box; font-weight: 400; font-size:
20px; color: rgb(125, 71, 136); font-family: -apple-system,
BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen,
Ubuntu, Cantarell, "Fira Sans", "Droid
Sans", "Helvetica Neue", sans-serif;
font-style: normal; font-variant-ligatures: normal;
font-variant-caps: normal; letter-spacing: normal; orphans: 2;
text-align: start; text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing: 0px;
-webkit-text-stroke-width: 0px; background-color: rgb(242,
242, 242); text-decoration-style: initial;
text-decoration-color: initial;">Why are booter services hard
to trace?</h2>
<p style="box-sizing: border-box; font-weight: 500; color:
rgb(66, 66, 66); font-family: -apple-system,
BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen,
Ubuntu, Cantarell, "Fira Sans", "Droid
Sans", "Helvetica Neue", sans-serif; font-size:
16px; font-style: normal; font-variant-ligatures: normal;
font-variant-caps: normal; letter-spacing: normal; orphans: 2;
text-align: start; text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing: 0px;
-webkit-text-stroke-width: 0px; background-color: rgb(242,
242, 242); text-decoration-style: initial;
text-decoration-color: initial;">The person buying these
criminal services uses a frontend website for payment, and
instructions relating to the attack. Very often there is no
identifiable connection to the backend initiating the actual
attack. Therefore, criminal intent can be hard to prove.
Following the payment trail is one way to track down criminal
entities.</p>
</blockquote>
<p></p>
<p><br>
</p>
<p>Well guess what cloudflare? Thats a very good idea. Please open
your books and allow us to 'follow the payment trail'....</p>
<p><br>
</p>
<p>And a quick google shows up first result, and a cloudflare
protected site:</p>
<p><br>
</p>
<p><a class="moz-txt-link-freetext" href="https://str3ssed.co">https://str3ssed.co</a></p>
<p><br>
</p>
<p><br>
</p>
<p>Ugh.<br>
</p>
<p><br>
</p>
</div></blockquote></body></html>