nanog mailing list archives
Re: EVERYTHING about Booters (and CloudFlare)
From: Phil Rosenthal <pr () isprime com>
Date: Thu, 28 Jul 2016 12:56:39 -0400
Are you of the opinion that the victim of a DDoS attack who is not a multi-billion-dollar corporation would actually receive help from the FBI as a result of a DDoS attack? In the past, I have been told that the dollar-threshold for the FBI to even consider looking at a case was at least $2M in damages. This was 10 years ago, and I can't imagine the threshold has gone down. -Phil
On Jul 28, 2016, at 12:51 PM, Naslund, Steve <SNaslund () medline com> wrote: It is not beyond the realm of law enforcement to run down the entire chain of events all the way back to the “whodunit” and “howdunit”. It is pretty amazing what they can figure out when they put their minds to it and don’t underestimate what they can learn by getting someone in the hot seat under the bare light bulb. They also have lots of informants. Victim complaints don’t matter a bit to these guys, it will take the guys in the windbreakers kicking in the doors one of these days. Steven Naslund Chicago ILOn Thu, Jul 28, 2016 at 12:20 PM, Phil Rosenthal <pr () isprime com<mailto:pr () isprime com>> wrote: Keep in mind also, the victims of these DDoS attacks do not know which "booter" service was paid to attack them. The packets do not have "Stress test provided by vBooter" in them. The attack packets do not ?>come from the booter's or Cloudflare's IP addresses, they come from secondary victims -- compromised servers, PC's infected with malware, and abused DNS/NTP [and a few other protocols] reflectors. It is impossible for a victim to submit a complaint to Cloudflare stating "I was attacked by someone paying vBooter", because they do not know which of the numerous "booter" services was responsible. -Phil
Current thread:
- Re: EVERYTHING about Booters (and CloudFlare), (continued)
- Re: EVERYTHING about Booters (and CloudFlare) Aaron (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Paul WALL (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Paras Jha (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Miles Fidelman (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Niels Bakker (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Miles Fidelman (Jul 28)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Phil Rosenthal (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) chris (Jul 28)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- Re: EVERYTHING about Booters (and CloudFlare) Phil Rosenthal (Jul 28)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- RE: EVERYTHING about Booters (and CloudFlare) Naslund, Steve (Jul 28)
- Cloudflare, dirty networks and politricks J. Oquendo (Jul 28)
- RE: Cloudflare, dirty networks and politricks Naslund, Steve (Jul 28)
- Re: Cloudflare, dirty networks and politricks J. Oquendo (Jul 28)
- Re: Cloudflare, dirty networks and politricks McDonald Richards (Jul 28)
- Re: Cloudflare, dirty networks and politricks J. Oquendo (Jul 28)
- Re: Cloudflare, dirty networks and politricks Seth Mattinen (Jul 28)
- Re: Cloudflare, dirty networks and politricks McDonald Richards (Jul 28)
- Re: Cloudflare, dirty networks and politricks Seth Mattinen (Jul 28)