6
[11:33:17 PM] live:anna-senpai: hi
 Wednesday, September 28, 2016
[10:23:08 AM] live:anna-senpai: ^
[10:26:08 AM] katie.onis: hi there.
[10:26:52 AM] katie.onis: How can I help you?
[10:28:06 AM] live:anna-senpai: hi
[10:28:45 AM] live:anna-senpai: you know i had my suspicions, but this one was proof

http://imgur.com/E1yFJOp



don't get me wrong, im not even mad, it was pretty funny actually
[10:28:59 AM] live:anna-senpai: nobody has ever done that to my c2
[10:29:25 AM] live:anna-senpai: (goldmedal)
[10:29:29 AM] katie.onis: ah you're mistaken, that's not us.
[10:29:33 AM] katie.onis: but we know who it is
[10:29:42 AM] live:anna-senpai: eric / 9gigs
[10:29:47 AM] katie.onis: no, 9gigs is erik
[10:29:48 AM] katie.onis: not eric
[10:29:53 AM] katie.onis: different people
[10:30:09 AM] live:anna-senpai: oh?
[10:30:17 AM] katie.onis: yep
[10:30:39 AM] live:anna-senpai: is he someone related to you guys?
[10:30:44 AM] katie.onis: not related to us, we just know him
[10:30:50 AM] katie.onis: anyway, we're not interested in any harm, we simply don't want attacks against us.
[10:31:16 AM] live:anna-senpai: yeah i figured, i added you because i wanted to tip my hat if that was actually you lol
[10:31:24 AM] katie.onis: we didn't make that dumb post
[10:31:26 AM] katie.onis: if that is what you are asking
[10:31:30 AM] katie.onis: but yes, we were involved in doing that.
[10:31:47 AM] live:anna-senpai: so you got it nulled, but some other eric is claiming credit for it?
[10:31:52 AM] katie.onis: seems so.
[10:31:52 AM] live:anna-senpai: eric with a c
[10:31:56 AM] live:anna-senpai: lol
[10:32:17 AM] live:anna-senpai: can't say im surprised, tons of people take credit for things that they didn't do if nobody else takes credit for
[10:32:24 AM] katie.onis: we're not interested in taking credit
[10:32:30 AM] katie.onis: we just wanted the attacks to get smaller
[10:32:31 AM] katie.onis: lol
[10:32:35 AM] live:anna-senpai: lol
[10:32:54 AM] katie.onis: we have a job to do and we don't gloat.
[10:33:23 AM] live:anna-senpai: i get it, and i hope you know that i dont have some kind of vendetta either
[10:33:31 AM] live:anna-senpai: someone wanted all servers on .org sponsored gone
[10:34:07 AM] live:anna-senpai: the ethics of ddos and whatnot, that's a separate argument, but in my country hacking is only illegal if you do something physical to the computer (physical access)
[10:34:26 AM] live:anna-senpai: lol
[10:34:31 AM] katie.onis: we never question legality or anything. it's our job to defend against the attack. we weren't able to immediately do that.
[10:34:39 AM] katie.onis: no host was able to lmao
[10:34:45 AM] live:anna-senpai: lol yeah
[10:35:17 AM] katie.onis: so we targetted the cnc
[10:35:19 AM] live:anna-senpai: To view this shared photo, go to: https://login.skype.com/login/sso?go=webclient.xmm&pic=0-weu-d2-2cc51703223980e5bc74035e586f8e75
[10:35:25 AM] katie.onis: we've done this *a lot* actually.
[10:35:41 AM] live:anna-senpai: yeah i figured, you were the first people to actually provide some kind of challenge
[10:35:52 AM] live:anna-senpai: id admit i had fun
[10:35:59 AM] katie.onis: that's why people attack us ;-;
[10:36:13 AM] katie.onis: because we don't just sit down and take it lmao
[10:36:18 AM] live:anna-senpai: yeah
[10:37:13 AM] live:anna-senpai: one thing ill say though, im surprised the syn floods didn't touch  you
[10:37:22 AM] katie.onis: our mitigation is line-rate.
[10:37:25 AM] live:anna-senpai: that raped everybody else, even krebs on akamai
[10:37:36 AM] katie.onis: we never get affected by high pps floods
[10:37:47 AM] katie.onis: we have like *true* line-rate mitigation
[10:37:56 AM] katie.onis: capacity is our only issue
[10:38:12 AM] live:anna-senpai: yeah
[10:38:56 AM] live:anna-senpai: was the ack floods maxing out all of your links?
[10:39:16 AM] katie.onis: not entirely
[10:39:20 AM] katie.onis: but balancing the traffic was impossible
[10:39:42 AM] live:anna-senpai: lacp?
[10:39:49 AM] katie.onis: anycast
[10:39:51 AM] katie.onis: across multiple locations
[10:40:03 AM] live:anna-senpai: well yeah i know that, san jose, ashburn, and amsterdam
[10:40:13 AM] live:anna-senpai: but i mean, you have more than 10G at each location obviously
[10:40:24 AM] katie.onis: your botnet heavily favors EU
[10:40:30 AM] katie.onis: we actually mitigated your attack at one point
[10:40:30 AM] katie.onis: by just
[10:40:35 AM] katie.onis: making it so EU was a sinkhole
[10:40:42 AM] katie.onis: and just leaving the location offline
[10:40:47 AM] live:anna-senpai: lol
[10:40:58 AM] live:anna-senpai: yeah i realized that
[10:41:05 AM] live:anna-senpai: thats why i was trying to hit your unicast space
[10:41:12 AM] katie.onis: we anycasted the unicast space when you did that
[10:41:21 AM] live:anna-senpai: how does that work with tcp?
[10:41:31 AM] katie.onis: we have l2 transport betwen all locations
[10:41:33 AM] live:anna-senpai: don't you need to terminate the connections from your backends to your clients
[10:41:39 AM] live:anna-senpai: ah i see
[10:41:41 AM] katie.onis: so we just did normal routing.
[10:42:48 AM] live:anna-senpai: at like 1am pst  on two separate nights i sent you some traffic to see how things would fall
[10:43:04 AM] live:anna-senpai: you nulled all the ips though :c
[10:43:08 AM] live:anna-senpai: well
[10:43:10 AM] live:anna-senpai: like half of them
[10:43:11 AM] katie.onis: it's automatic.
[10:43:41 AM] katie.onis: we null in under a second mostly because nulls are applied on the filters.
[10:43:45 AM] live:anna-senpai: does your autonuller look at aggregate traffic and keep nulling the ip receiving the most traffic till the aggregate goes below saturation?
[10:44:02 AM] katie.onis: the filter detects link saturation and packet loss after an event
[10:44:05 AM] katie.onis: and pushes a null to the router
[10:44:09 AM] live:anna-senpai: cause with the amount of ips it was hitting, each ip was only getting like 20gbps
[10:44:37 AM] live:anna-senpai: i see
[10:44:41 AM] live:anna-senpai: cool
[10:44:53 AM] live:anna-senpai: isn't there a maximum number of nulls you can place with telia though?
[10:44:58 AM] live:anna-senpai: maximum # of simultaneous
[10:45:01 AM] katie.onis: our prefix limit is 10k
[10:45:06 AM] katie.onis: on all of our bgp sessions
[10:45:20 AM] katie.onis: so, no issue.
[10:45:33 AM] live:anna-senpai: is it with community, or does telia have a blackhole server or something
[10:45:48 AM] katie.onis: community
[10:45:53 AM] katie.onis: you can check their communities they're publicly available haha
[10:45:59 AM] live:anna-senpai: yeah i was
[10:46:09 AM] live:anna-senpai: i just didnt know how it was arriving there
[10:46:45 AM] live:anna-senpai: i was using telia's looking glass to try to find the routers advertising your prefixes
[10:46:54 AM] live:anna-senpai: but those ips were untouchable
[10:47:05 AM] katie.onis: they're all blackholed.
[10:47:15 AM] live:anna-senpai: yeah your end of the link is blackholed
[10:47:15 AM] katie.onis: we've had someone try that before
[10:47:21 AM] live:anna-senpai: and telia's end was untouchable
[10:47:23 AM] katie.onis: is that what you did to akamai?
[10:47:36 AM] live:anna-senpai: it wasn't even me attacking akamai - funny story
[10:47:42 AM] live:anna-senpai: i sell net spots, starting at $5k a week
[10:47:50 AM] live:anna-senpai: and one client was upset about applejack arrest
[10:48:01 AM] live:anna-senpai: so while i was gone he was sitting on them for hours with gre and ack
[10:48:14 AM] live:anna-senpai: when i came back i was like oh fuck
[10:48:16 AM] live:anna-senpai: and whitelisted the prefix
[10:48:24 AM] live:anna-senpai: but then krebs tweeted that akamai is kicking them off
[10:48:31 AM] live:anna-senpai: fuck me
[10:48:43 AM] live:anna-senpai: he was a cool guy too, i like his article
[10:49:11 AM] katie.onis: i love the conspiracy guys thinking this is china or another country haha
[10:49:18 AM] live:anna-senpai: yea
[10:49:22 AM] live:anna-senpai: lol
[10:49:29 AM] katie.onis: can't deal with the fact the internet is so insecure
[10:49:31 AM] katie.onis: gotta make it sound hard
[10:49:34 AM] live:anna-senpai: the scheiner on security blog post
[10:49:40 AM] live:anna-senpai: "someone is learning how to take down the internet"
[10:49:47 AM] live:anna-senpai: lol
[10:50:24 AM] live:anna-senpai: but on the plus side, ever since i have been running infecting these iot telnet devices
[10:50:36 AM] live:anna-senpai: i have good killer so nobody else can assemble a large net
[10:50:53 AM] live:anna-senpai: i monitor the devices to see for any new threats
[10:51:33 AM] live:anna-senpai: and when i find any new host, i get them taken down
[10:51:50 AM] live:anna-senpai: you might find this entertaining
[10:51:52 AM] live:anna-senpai: To view this shared photo, go to: https://login.skype.com/login/sso?go=webclient.xmm&pic=0-weu-d2-fff09d6423c8330da8bbfcbff84925d6
[10:53:54 AM] katie.onis: Haha :p
[10:54:17 AM] katie.onis: People have a genuine reason to be unhappy though about large attacks like this
[10:54:27 AM] live:anna-senpai: yeah
[10:54:32 AM] katie.onis: There's really nothing anyone can do lol
[10:54:36 AM] live:anna-senpai: :P
[10:54:38 AM] katie.onis: And it does affect their lives
[10:55:10 AM] live:anna-senpai: well, i stopped caring about other people a long time ago
[10:55:18 AM] live:anna-senpai: my life experience has always been get fucked over or fuck someone else over
[10:55:52 AM] katie.onis: My experience with PP thus far has been
[10:55:54 AM] katie.onis: Do nothing bad to anyone
[10:55:58 AM] katie.onis: And still get screwed over
[10:55:59 AM] katie.onis: Haha
[10:56:02 AM] live:anna-senpai: lol
[10:56:42 AM] live:anna-senpai: ¯\_(ツ)_/¯
[10:56:43 AM] katie.onis: Gets a bit demoralizing
[10:56:54 AM] live:anna-senpai: welcome to the internet, lol
[10:57:08 AM] live:anna-senpai: krebs latest article very good read for me
[10:57:20 AM] live:anna-senpai: er the one before
[10:57:25 AM] live:anna-senpai: about democratization of censorship
[10:57:44 AM] katie.onis: Haven't read it extensively
[10:57:48 AM] katie.onis: I've been on vacation for the past 2 weeks actually
[10:57:52 AM] katie.onis: Just got back
[10:57:59 AM] live:anna-senpai: oh i see
[10:58:05 AM] katie.onis: Went to Norway
[10:58:07 AM] katie.onis: Great country.
[10:58:12 AM] live:anna-senpai: cool
[10:58:31 AM] live:anna-senpai: the land of snowden
[10:58:33 AM] katie.onis: Idk where you are but you should visit it ;D so green
[10:58:33 AM] live:anna-senpai: lol
[10:59:02 AM] live:anna-senpai: maybe, i just want to save up money from ddos and then move to another place than the shithole im in now
[10:59:14 AM] live:anna-senpai: road to 1 million euros
[10:59:15 AM] live:anna-senpai: !
[10:59:20 AM] katie.onis: Not bad :p
[10:59:46 AM] katie.onis: I used to be scared of travelling though
[10:59:48 AM] katie.onis: planes and such
[10:59:50 AM] katie.onis: Not bad though
[11:01:09 AM] live:anna-senpai: yeah
[11:01:27 AM] live:anna-senpai: hm, kreb site 403 forbidden
[11:01:30 AM] live:anna-senpai: wtf happen
[11:01:48 AM] katie.onis: I feel this is just poor website management
[11:01:52 AM] katie.onis: not much more.
[11:02:04 AM] live:anna-senpai: hm maybe
[11:02:08 AM] live:anna-senpai: google's ddos mitigation sucks lol
[11:02:15 AM] live:anna-senpai: i send 100krps frrom bots and it falls over
[11:02:26 AM] live:anna-senpai: i think they are just use to absorbing attack on their entire infrastructure
[11:02:28 AM] live:anna-senpai: rather than blocking
[11:02:39 AM] katie.onis: well
[11:02:44 AM] katie.onis: they can do that for most of their infastructure
[11:02:46 AM] katie.onis: but things like YouTube
[11:02:47 AM] live:anna-senpai: yea
[11:02:51 AM] katie.onis: I don't think they're as lucky
[11:03:02 AM] live:anna-senpai: why is that
[11:03:04 AM] katie.onis: YouTube uses MySQL
[11:03:07 AM] katie.onis: and python
[11:03:08 AM] live:anna-senpai: lot of videos can be cached
[11:03:11 AM] live:anna-senpai: WHAT
[11:03:14 AM] live:anna-senpai: LOL
[11:03:17 AM] live:anna-senpai: really?
[11:03:23 AM] katie.onis: they did a writeup on the stack yeah
[11:03:32 AM] live:anna-senpai: well even so, as long as its scalable they can just throw more money at it
[11:03:41 AM] live:anna-senpai: i mean maybe there's limit to the database
[11:03:52 AM] live:anna-senpai: where lock contention starts to burn more cputime than actual writes
[11:03:58 AM] katie.onis: I don't think anyone's ever been interested in hitting youtube
[11:04:26 AM] live:anna-senpai: maybe
[11:04:38 AM] live:anna-senpai: even so, lock contention can be solved with proper hashing, just increase complexity of hash output
[11:04:43 AM] live:anna-senpai: idk
[11:05:02 AM] katie.onis: lock contention with mysql is tricky
[11:05:13 AM] katie.onis: I got a mysql DB to 2000 queries per second before it goes from 70% cpu straight to 800%
[11:05:16 AM] katie.onis: from lock contention.
[11:05:33 AM] live:anna-senpai: :/
[11:05:53 AM] katie.onis: yeah it seems to have no use for multiple cpus
[11:05:54 AM] katie.onis: very well
[11:05:55 AM] katie.onis: anyway
[11:06:23 AM] live:anna-senpai: akamai news article bs, too
[11:06:31 AM] live:anna-senpai: "we could have mitigated it but it was too expensive"
[11:06:38 AM] live:anna-senpai: it was taking offline the site lol
[11:07:10 AM] katie.onis: it was too expensive because their locations started going offline
[11:07:17 AM] live:anna-senpai: lol
[11:07:17 AM] katie.onis: and they started to need to pay SLA credits
[11:07:27 AM] live:anna-senpai: yeah
[11:07:30 AM] katie.onis: which brings me to question
[11:07:32 AM] live:anna-senpai: they had a "network event"
[11:07:34 AM] katie.onis: what caused their locations to go offline?
[11:07:36 AM] katie.onis: was that hitting their routers?
[11:07:38 AM] live:anna-senpai: where they advise people to route off plx platform
[11:07:41 AM] live:anna-senpai: yeah that was it
[11:07:42 AM] live:anna-senpai: lol
[11:07:55 AM] katie.onis: they have a total of 2Tbps capacity, but only 500gbit per location
[11:08:16 AM] live:anna-senpai: im not even sure who numbers are accurate
[11:08:21 AM] live:anna-senpai: akamai says 656 gbps
[11:08:24 AM] live:anna-senpai: ovh says 900gbps
[11:08:30 AM] live:anna-senpai: they sound like exxagerate
[11:08:32 AM] katie.onis: ovh are huge liars.
[11:08:36 AM] katie.onis: and akamai exaggerated
[11:08:44 AM] katie.onis: I was talking to erik about it, and he agrees they exaggerated.
[11:08:49 AM] live:anna-senpai: heh
[11:08:51 AM] katie.onis: when we can measure it at two of our locations and it doesn't saturate
[11:08:51 AM] live:anna-senpai: yeah probably
[11:09:00 AM] katie.onis: it's pretty much an exaggeration
[11:09:01 AM] katie.onis: lmao
[11:09:05 AM] live:anna-senpai: lol
[11:09:21 AM] katie.onis: which makes me sad about the sorry state of ddos mitigation
[11:09:33 AM] live:anna-senpai: everyone lies because everyone else does
[11:09:39 AM] live:anna-senpai: everyone wants to throw numbers out there
[11:09:49 AM] live:anna-senpai: and akamai wants it to seem especially big since they kick off major journalist in it world
[11:10:03 AM] katie.onis: if you don't lie your customers will leave because another firm said they could mitigate up to 500gbit or etc
[11:10:04 AM] katie.onis: lmao
[11:10:09 AM] live:anna-senpai: lol
[11:10:12 AM] katie.onis: and they might be cheaper too!
[11:10:23 AM] live:anna-senpai: voxility 990gbps ddos protection!
[11:10:37 AM] katie.onis: voxility's graphs are very exaggerated
[11:10:39 AM] katie.onis: I've noticed.
[11:10:44 AM] live:anna-senpai: it destroys their entire network too
[11:10:53 AM] live:anna-senpai: the supposed 550mpps was causing all locations to die
[11:11:05 AM] live:anna-senpai: people complaining too on lowendtalk about on permanent mitigation and having issues
[11:11:19 AM] katie.onis: voxility's mitigation is awful pps wise.
[11:11:23 AM] live:anna-senpai: yeah
[11:11:39 AM] katie.onis: tbh I have no clue what they're using for mitigation
[11:11:47 AM] katie.onis: they say it's custom but
[11:11:47 AM] live:anna-senpai: prayers
[11:11:52 AM] live:anna-senpai: lol
[11:11:57 AM] katie.onis: it's so bad.
[11:12:18 AM] katie.onis: and they can't fix how bad it is either.
[11:12:43 AM] live:anna-senpai: one thing i don't understand
[11:12:45 AM] live:anna-senpai: ovh never nulls
[11:12:57 AM] System: You have 2 online endpoints:

	 {8df45cdb-aeb7-a06b-c3dd-2d4731508c06}) coelho Linux Skype

	 {49f2e032-57e5-ab09-5ac8-c7613cfcb137}) coelho-2.local Mac Skype
[11:13:06 AM] live:anna-senpai: the large ack floods they cannot handle on their routers with ACLs or on their tilera
[11:13:10 AM] live:anna-senpai: so it goes to  arbor
[11:13:24 AM] live:anna-senpai: and every time it knocks out the arbor in france and canada
[11:13:28 AM] live:anna-senpai: why they never null lol
[11:13:39 AM] live:anna-senpai: even voxility nulls now
[11:14:14 AM] katie.onis: voxility has no automatic system in place though
[11:14:17 AM] katie.onis: so their network stability is awful
[11:14:34 AM] katie.onis: ovh probably never nulls because they don’t need to.
[11:14:38 AM] katie.onis: people will buy whatever garabge they make lol
[11:14:47 AM] live:anna-senpai: lol
[11:14:54 AM] katie.onis: they’ll always be sold out
[11:14:56 AM] katie.onis: they don't need to please their customers.
[11:15:02 AM] live:anna-senpai: low budget man
[11:15:17 AM] live:anna-senpai: it was funny, when i attack viperhcf on ovh  other clients on perma mitigation go offline too (badlion, hive, etc)
[11:15:40 AM] katie.onis: I’m actually curious
[11:15:45 AM] katie.onis: was viperhcf your own vendetta
[11:15:46 AM] katie.onis: or a customer?
[11:15:55 AM] live:anna-senpai: customer
[11:16:25 AM] live:anna-senpai: another server owner
[11:16:27 AM] live:anna-senpai: lol
[11:16:45 AM] katie.onis: interesting :p
[11:16:57 AM] katie.onis: i wonder who ~
[11:17:03 AM] live:anna-senpai: :)
[11:17:07 AM] live:anna-senpai: lol
[11:17:24 AM] katie.onis: I have a few ideas anyway
[11:17:34 AM] live:anna-senpai: lol
[11:17:48 AM] katie.onis: I’ve alwasy been under the understanding though
[11:17:51 AM] katie.onis: that knowing who does it
[11:17:53 AM] katie.onis: doesn’t help us mitigate it
[11:18:01 AM] live:anna-senpai: very astute
[11:18:03 AM] katie.onis: so we don’t bother looking too much
[11:18:17 AM] katie.onis: it’s fun for curiosities sake
[11:18:19 AM] katie.onis: but that's it.
[11:18:29 AM] live:anna-senpai: well, what about if by knowing who it is you can prevent further attacks?
[11:18:43 AM] live:anna-senpai: maybe the thought of being exposed would be enough to prevent it
[11:18:55 AM] live:anna-senpai: is that not a form of attack mitigation?
[11:19:05 AM] katie.onis: Haven’t been in that situation before :p
[11:20:14 AM] katie.onis: Most of the time when we know who it is
[11:20:15 AM] katie.onis: They just deny it
[11:20:53 AM] live:anna-senpai: how often would that happen?
[11:21:03 AM] live:anna-senpai: well maybe i suppose it depend on who it is / where they are based from
[11:21:11 AM] katie.onis: I think the only time it happened was during the ProTraf launch.
[11:21:30 AM] live:anna-senpai: if they are based in some 1st world country with good law enforcement
[11:21:39 AM] live:anna-senpai: surprised they would be brazen enough to continue
[11:21:47 AM] katie.onis: Law enforcement is useless.
[11:21:56 AM] katie.onis: We previously had a VRSN contract
[11:22:02 AM] katie.onis: Which gave us a lot of contacts in the FBI
[11:22:07 AM] katie.onis: They are not very productive, to say the least.
[11:22:11 AM] katie.onis: They reply to us, but do nothing.
[11:22:15 AM] live:anna-senpai: lol
[11:22:44 AM] live:anna-senpai: vdos operators picked up by israel authorities at request of fbi
[11:22:59 AM] katie.onis: And how late were they there? :)
[11:23:04 AM] live:anna-senpai: lol
[11:23:31 AM] live:anna-senpai: > I think the only time it happened was during the ProTraf launch.
[11:23:35 AM] live:anna-senpai: whats story behind here?
[11:23:54 AM] live:anna-senpai: i dont know them very well except from some people talk about it when i start selling ddos in mc community
[11:24:11 AM] katie.onis: long story haha
[11:24:16 AM] katie.onis: I don't even remember most
[11:24:23 AM] katie.onis: But it has to do with CJ
[11:24:41 AM] live:anna-senpai: hm, i have heard that name before
[11:25:16 AM] katie.onis: He's the guy behind 1.3.3.7 and datawagon
[11:25:25 AM] live:anna-senpai: oh yes, that was in krebs article too
[11:25:31 AM] live:anna-senpai: about backconnect bgp hijack
[11:25:33 AM] live:anna-senpai: lol
[11:25:39 AM] katie.onis: oh I'm actually curious!
[11:25:44 AM] katie.onis: how bad is backconnect actually.
[11:25:54 AM] katie.onis: in terms of like
[11:25:56 AM] katie.onis: the bgp hijacks
[11:25:56 AM] katie.onis: etc
[11:25:57 AM] live:anna-senpai: well i mean it seems to be voxility resold protection
[11:26:02 AM] live:anna-senpai: with sucriata waf in front
[11:26:07 AM] katie.onis: It is. It's a joke lol
[11:26:25 AM] live:anna-senpai: and the whole thing about backconnect and the freesoftwarefoundation
[11:26:31 AM] live:anna-senpai: sketchy asf
[11:26:34 AM] live:anna-senpai: lol
[11:28:37 AM] katie.onis: yeep
[11:28:47 AM] katie.onis: was wondering if you knew anything about the things they did
[11:28:48 AM] katie.onis: :p
[11:28:52 AM] katie.onis: didn't know how sketchy they were exactly
[11:29:11 AM] live:anna-senpai: yeah
[11:29:21 AM] live:anna-senpai: lol
[11:29:36 AM] live:anna-senpai: what is cj / datawagon to do with protraf?
[11:29:47 AM] live:anna-senpai: cj schuler or something
[11:30:05 AM] katie.onis: was one of the original people behind it
[11:30:10 AM] katie.onis: and he did a lot of attacks against other people
[11:30:14 AM] katie.onis: to make protraf look good at it's launch
[11:30:16 AM] katie.onis: even though it only had like
[11:30:18 AM] katie.onis: 50G capacity?
[11:30:29 AM] katie.onis: and the service quality was so bad that all the customers they got
[11:30:30 AM] katie.onis: left
[11:30:44 AM] live:anna-senpai: lol
[11:30:51 AM] katie.onis: so everything is normal now
[11:31:27 AM] katie.onis: I don't know if it was CJ
[11:31:30 AM] katie.onis: it may have been another person close to them
[11:31:37 AM] katie.onis: we never got full closure on that
[11:31:57 AM] live:anna-senpai: its mildly interesting
[11:32:02 AM] live:anna-senpai: maybe it will take 3 - 4 years
[11:32:06 AM] katie.onis: starting a ddos mitigation company
[11:32:06 AM] live:anna-senpai: lol
[11:32:09 AM] katie.onis: by ddosing all the competition
[11:32:10 AM] katie.onis: is interesting
[11:32:18 AM] live:anna-senpai: lol
[11:32:24 AM] live:anna-senpai: is cj have stake in protraf?
[11:32:29 AM] katie.onis: I don't *think* so?
[11:32:50 AM] katie.onis: he wasn't doing it for money. he was doing it because he could
[11:32:54 AM] katie.onis: and because his friends owned PT
[11:32:58 AM] katie.onis: is my understanding
[11:33:10 AM] live:anna-senpai: lol
[11:33:29 AM] live:anna-senpai: how large were those attacks?
[11:33:58 AM] katie.onis: honestly have no memory
[11:34:04 AM] katie.onis: this was about a year and a half?
[11:34:05 AM] katie.onis: ago
[11:34:35 AM] katie.onis: it's been awhile
[11:35:23 AM] live:anna-senpai: do you know if cj friends with someone called amar
[11:35:29 AM] katie.onis: AZ
[11:35:32 AM] katie.onis: yes
[11:35:34 AM] live:anna-senpai: or dal33t?
[11:35:39 AM] katie.onis: AZ/dal33t/amar
[11:36:04 AM] live:anna-senpai: yeah wasnt he that fastreturn guy
[11:36:07 AM] katie.onis: yep
[11:36:15 AM] katie.onis: PT is FastReturn
[11:36:16 AM] katie.onis: basically
[11:36:24 AM] live:anna-senpai: oh?
[11:36:51 AM] katie.onis: I think they still have the original fastreturn IP space
[11:36:54 AM] katie.onis: being announced elsewhere
[11:36:55 AM] katie.onis: but
[11:37:02 AM] katie.onis: PT was suppsoed to be the "new" FR
[11:37:04 AM] katie.onis: from my understanding
[11:37:19 AM] live:anna-senpai: lol
[11:37:48 AM] live:anna-senpai: once upon a time i spoke to dal33t on hackforums
[11:38:09 AM] live:anna-senpai: cool that it has come full circle or something
[11:38:59 AM] katie.onis: :p
[11:39:11 AM] live:anna-senpai: everyone is related
[11:40:01 AM] live:anna-senpai: lol
[11:40:12 AM] live:anna-senpai: a very large big minecraft server contact me asking to tear down hypixel
[11:40:29 AM] live:anna-senpai: its funny, when they went on staminus all of staminus went offline
[11:41:51 AM] katie.onis: when the staminus hack happened
[11:41:53 AM] katie.onis: we were all curious
[11:41:57 AM] katie.onis: how their mitigation was not leaked
[11:42:13 AM] live:anna-senpai: their mitigation is shit
[11:42:14 AM] live:anna-senpai: its mostly iptables
[11:42:18 AM] live:anna-senpai: and a few whitelabel huawei
[11:42:25 AM] katie.onis: really?
[11:42:28 AM] katie.onis: crazy
[11:42:29 AM] live:anna-senpai: yea
[11:42:39 AM] katie.onis: They must have a LOT of boxes
[11:42:43 AM] live:anna-senpai: yea
[11:42:52 AM] live:anna-senpai: they had multiple racks
[11:42:56 AM] live:anna-senpai: per location
[11:43:06 AM] live:anna-senpai: and iptables raw filtering
[11:43:06 AM] live:anna-senpai: lol
[11:43:28 AM] live:anna-senpai: thats why anything even remotely complex that is high pps makes their network fall over
[11:43:35 AM] katie.onis: still curious how that was not leaked.
[11:43:39 AM] live:anna-senpai: since it goes past their iptables and kills the huawei
[11:44:06 AM] live:anna-senpai: i am not sure, i think the attacker just didnt care
[11:44:23 AM] live:anna-senpai: in the access credentials that he dropped, you could pivot off the devices onto the mitigation
[11:44:42 AM] katie.onis: we actually believed it was another mitigation company from the understanding that it was not leaked
[11:44:42 AM] live:anna-senpai: all their configurations for routers and their backups had already been wiped though
[11:44:53 AM] katie.onis: because even though it's ipts
[11:44:57 AM] live:anna-senpai: which is why it took so long for restore
[11:44:59 AM] katie.onis: the strategies might be useful to other mitigation companies
[11:45:12 AM] live:anna-senpai: i guess, but staminus is a joke
[11:45:20 AM] live:anna-senpai: i speak to some other server owners and they agree
[11:45:27 AM] live:anna-senpai: so this isn't just in ddos world either
[11:45:35 AM] live:anna-senpai: they are like a meme lol
[11:46:33 AM] katie.onis: strange :p
[11:46:38 AM] katie.onis: they have a lot of capacity which is sad
[11:46:41 AM] katie.onis: unused potential :(
[11:46:46 AM] live:anna-senpai: yea
[11:46:56 AM] live:anna-senpai: they probably  can eat amplified attacks
[11:46:59 AM] live:anna-senpai: due to iptables
[11:47:00 AM] live:anna-senpai: but high pps destroys them
[11:47:05 AM] katie.onis: we're over here at PP just like
[11:47:12 AM] katie.onis: all these people have more capacity than us
[11:47:15 AM] katie.onis: why can't we have that capacity :(
[11:47:26 AM] live:anna-senpai: need to get those enterprise clients
[11:47:32 AM] katie.onis: basically.
[11:47:33 AM] live:anna-senpai: :P
[11:47:38 AM] katie.onis: where all the money is haha
[11:47:43 AM] live:anna-senpai: yeah
[11:47:51 AM] live:anna-senpai: most of these minecraft kids  want to pay peanuts
[11:47:59 AM] live:anna-senpai: "ovh null $50"
[11:48:01 AM] live:anna-senpai: fuck off
[11:48:02 AM] live:anna-senpai: lol
[11:48:35 AM] katie.onis: our lowest plan atm is $100
[11:48:49 AM] katie.onis: so we're better than most
[11:48:50 AM] katie.onis: atleast
[11:49:17 AM] live:anna-senpai: heh
[11:49:33 AM] live:anna-senpai: i was charging $120 an hour for viperhcf
[11:49:37 AM] live:anna-senpai: lol
[11:49:58 AM] live:anna-senpai: they seem like a small server, im guessing they are around $100 range?
[11:50:38 AM] katie.onis: nope, that plan was not that little
[11:50:43 AM] katie.onis: I completely forget though the time.
[11:51:11 AM] katie.onis: $100 is like under 90 players
[11:51:11 AM] katie.onis: lol
[11:53:43 AM] live:anna-senpai: lol
[11:54:26 AM] live:anna-senpai: after you nulled my c2
[11:54:47 AM] live:anna-senpai: i spent some time designing a fault tolerant architecture for the bots lol
[11:55:24 AM] live:anna-senpai: because the floodgates have been opened :(
[11:55:24 AM] live:anna-senpai: not to mention other idiots with 2k nets go around sitting on netstat waiting for me to load in
[11:55:29 AM] live:anna-senpai: and sit there hitting off the cnc
[11:56:31 AM] katie.onis: smart imo :p
[11:56:36 AM] katie.onis: should have done that from the first place
[11:56:39 AM] katie.onis: I was actually surprised you had a single cnc
[11:56:40 AM] live:anna-senpai: lol
[11:56:51 AM] live:anna-senpai: well yeah now i also kill telnet to make it harder, since i can update c2 when it is down
[11:57:02 AM] live:anna-senpai: but still, maybe once or twice a day it gets hit
[11:57:05 AM] live:anna-senpai: :\
[11:57:36 AM] live:anna-senpai: i have a bunch of servers now with lots of ips configured so i can rotate through  them
[11:57:37 AM] live:anna-senpai: lol
[11:58:42 AM] katie.onis: :p
[11:59:28 AM] live:anna-senpai: now the existence of my net has become general knowledge even among skiddiots on hackforums
[11:59:34 AM] live:anna-senpai: some people try to write killer for it, lol
[12:00:47 PM] live:anna-senpai: how come you are peered with nlayer and tinet
[12:00:56 PM] live:anna-senpai: instead of just under gtt
[12:00:59 PM] live:anna-senpai: isn't gtt moving to consolidate their network under 1 as
[12:01:02 PM] katie.onis: peering with gtt automatically peers you with nlayer
[12:01:25 PM] live:anna-senpai: isnt gtt trying to get people to move to the gtt as
[12:01:27 PM] live:anna-senpai: instead of tinet
[12:01:54 PM] katie.onis: they're trying to move everyone to tinet
[12:02:04 PM] live:anna-senpai: oh wtf
[12:02:36 PM] live:anna-senpai: i was way off
[12:02:47 PM] live:anna-senpai: lol
[12:23:48 PM] live:anna-senpai: hm
[12:23:49 PM] live:anna-senpai: how long do you think it will take for hypixel to die
[12:24:00 PM] live:anna-senpai: right now i just have a script sitting there hitting them for 45s every 20 minutes
[12:24:09 PM] live:anna-senpai: enough to drop all players and make them rage
[12:24:25 PM] katie.onis: Is this for a customer?
[12:24:28 PM] live:anna-senpai: yea
[12:24:31 PM] live:anna-senpai: another big server
[12:24:36 PM] live:anna-senpai: like in top 5 :P
[12:24:52 PM] katie.onis: Honestly no clue.
[12:25:41 PM] live:anna-senpai: 45s evert 20 minutes is easy to keep up long term since it doesn't make  the bots die
[12:25:47 PM] live:anna-senpai: hehe
[5:14:37 PM] live:anna-senpai: you strike me as an anime fan
[5:14:54 PM] katie.onis: why do you say that?
[5:16:27 PM] live:anna-senpai: ive  always been a little astute at reading people
[5:16:32 PM] live:anna-senpai: was i right?
[5:17:07 PM] live:anna-senpai: just some of your mannerisms and your interests, it makes me think you enjoy anime
[5:17:09 PM] live:anna-senpai: lol
[5:17:40 PM] katie.onis: you'd be right, interesting :p
[5:17:51 PM] katie.onis: although I haven't touched it in a year
[5:17:52 PM] katie.onis: quite honestly.
[5:17:56 PM] live:anna-senpai: whaaaaat
[5:18:16 PM] katie.onis: hmm?
[5:18:29 PM] live:anna-senpai: haven't watched anime in a year?
[5:18:42 PM] katie.onis: not like I used to
[5:18:46 PM] katie.onis: sometimes I watch it with friends but that's it.
[5:19:28 PM] live:anna-senpai: whats the latest thing you watched?
[5:19:34 PM] live:anna-senpai: like, start -> finish
[5:19:40 PM] live:anna-senpai: any summer anime?
[5:19:43 PM] katie.onis: I never don't finish animes
[5:20:00 PM] katie.onis: and I think I stopped updating my MAL so it's so hard to remember
[5:20:03 PM] katie.onis: let me think..
[5:20:05 PM] live:anna-senpai: even if they're really shitty?
[5:20:11 PM] katie.onis: I've only dropped a few
[5:21:24 PM] katie.onis: Durarara
[5:21:26 PM] katie.onis: was the last one
[5:21:32 PM] katie.onis: the second season(s)
[5:22:01 PM] katie.onis: Durarara, Overlord, and Gate season 2
[5:22:10 PM] live:anna-senpai: those you dropped?
[5:22:15 PM] katie.onis: no, finished all of them
[5:22:16 PM] katie.onis: last ones I finished
[5:22:19 PM] live:anna-senpai: ah
[5:22:28 PM] live:anna-senpai: i enjoyed gate, the whole concept was very interesting
[5:22:40 PM] katie.onis: gate was good just
[5:22:44 PM] katie.onis: 12 episode or 13 episode animes
[5:22:54 PM] live:anna-senpai: 2 seasons though
[5:23:01 PM] live:anna-senpai: too much japan fanboy though
[5:23:11 PM] live:anna-senpai: esp conflict between usa and japan, they are supposed to be big allies
[5:23:13 PM] live:anna-senpai: lol
[5:23:16 PM] katie.onis: lol
[5:23:26 PM] katie.onis: have you ever watched the anime C?
[5:23:37 PM] live:anna-senpai: no, is it good?
[5:23:46 PM] katie.onis: really good
[5:23:47 PM] katie.onis: lemme link
[5:23:53 PM] katie.onis: https://myanimelist.net/anime/10163/C__The_Money_of_Soul_and_Possibility_Control
[5:24:30 PM] live:anna-senpai: cool
[5:24:34 PM] live:anna-senpai: sounds interesting
[5:24:43 PM] katie.onis: I watched it a long time ago
[5:24:46 PM] katie.onis: but yeah, it's pretty good
[5:25:12 PM] live:anna-senpai: i rewatched mirai nikki recently
[5:25:22 PM] live:anna-senpai: (it was the reason i named my bot mirai lol)
[5:25:32 PM] katie.onis: I've rewatched it 3 times with 2 different friends haha
[5:25:32 PM] live:anna-senpai: have you seen?
[5:25:37 PM] live:anna-senpai: damn lol
[5:25:45 PM] live:anna-senpai: gasai yuno is a psycho bitch
[5:25:48 PM] live:anna-senpai: lol
[5:25:55 PM] katie.onis: i'd go for her
[5:25:59 PM] katie.onis: even knowing how she is
[5:26:01 PM] katie.onis: :3
[5:26:19 PM] live:anna-senpai: (dream)
[5:26:20 PM] live:anna-senpai: lol
[5:26:32 PM] katie.onis: haha ;D
[6:22:03 PM] live:anna-senpai: well anyway, going to go get drunk and watch anime, you are cool guy, im sorry for trouble lol. i add your prefixes to whitelist
[7:12:44 PM] katie.onis: wow thanks a lot
[7:12:59 PM] katie.onis: didn't actually expect that, nice to meet you :D
[7:13:09 PM] katie.onis: have fun
 Friday, September 30, 2016
[4:36:44 PM] live:anna-senpai: moving out of ddos anyway, if you are interested, source  code drop
[4:36:45 PM] live:anna-senpai: http://hackforums.net/showthread.php?tid=5420472&pid=52617704#pid52617704
[4:37:29 PM] live:anna-senpai: http://santasbigcandycane.cx/mirai.src.zip - probably should download over tor/proxy, don't know if lea watching
[4:37:46 PM] live:anna-senpai: now i go visit norway, lol
[4:45:27 PM] katie.onis: ;o have fun
[4:45:34 PM] katie.onis: norway is pretty ;p