[190780] in North American Network Operators' Group
Re: EVERYTHING about Booters (and CloudFlare)
daemon@ATHENA.MIT.EDU (Paras Jha)
Wed Jul 27 10:37:24 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <31050b39-6c4e-3cad-4429-3eb7eea9e4de@utwente.nl>
From: Paras Jha <paras@protrafsolutions.com>
Date: Wed, 27 Jul 2016 10:37:21 -0400
To: Jair Santanna <j.j.santanna@utwente.nl>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Hi Jair,
This list is really interesting.
From just a preliminary test, more than half of these domains are hiding
behind Cloudflare, and OVH has a sizable fraction too. I suppose it's
inevitable, given that both are known for having non-existent abuse
departments.
Regards
On Wed, Jul 27, 2016 at 9:49 AM, Jair Santanna <j.j.santanna@utwente.nl>
wrote:
> Hi folks,
>
> A friend forward me your topic about Booters and CloudFlare. Then I
> decided to join the NANOG list. The *answer* for the first question about
> CloudFlare and Booters is at: https://www.youtube.com/watch?v=wW5vJyI_HcU
> (minute 45:55) given by the _CloudFlare CEO_ in the blackhat2013.
>
> I investigate Booters since 2013 and I know many (if not all) the possible
> aspects about this DDoS-as-a-Service phenomenon. A summary of my entire
> research (or large part of that) can be watched at
> https://tnc16.geant.org/web/media/archive/3A (from minute 22:53). On top
> of that, I developed an algorithm to find Booters and publicly share such
> list (http://booterblacklist.com/). My main goal with this initiative is
> to convince people to blacklist and keep on track the users that access
> Booters (that potentially perform attacks)
>
> If you have any question about any aspect of the entire phenomenon don't
> hesitate to contact me. By the way, I want to help deploy the booters
> blacklist worldwide and help prosecutors to shutdown this bastards. I have
> many evidences!
>
> Cheers,
>
> Jair Santanna
> jairsantanna.com
>
>
>
>
--
Regards,
Paras
President
ProTraf Solutions, LLC
Enterprise DDoS Mitigation
