Show threadKevin Karhan Dec 8

@heiseonlineenglish #ClownFlare is part of the problem, not the solution!

#Cloudflare #ValueRemoving #RentSeekers #RogueISP

Show threadKevin Karhan Dec 4

@corq #ClownFlare isn't good at it, they just have too much network to wield.

Kevin Karhan Nov 26
@anaiscrosby @algernon @asrg I do serve #bots with #blackholing and if I wasn't keen on keeping "employable" and without a criminal record I'd be #DDoS'ing said #AI #scapers so hard that all their #Hosters & #Upstream providers would fire them faster than gandi.net fired #KiwiFarms for hosting #CSAM!
Łukasz Bromirski Oct 5
BGP Blackholing PL Project update - we have new route servers (IPv4+IPv6), I also added new configuration for pf and BSD systems. There's also Looking Glass! Check out more at https://lukasz.bromirski.net/bgp-blackholing/ #bgp #blackholing
BGP Blackholing PL project

what it’s all about? in the internet, not all IPv4 and IPv6 prefixes will be sources or destinations of traffic you’d like to have anything common with. some of them will be used or controlled by bad actors that can try to compromise your network (you have been likely selected at random, do not flatter yourself) or other evil goals. why would you like to receive that traffic? or send traffic towards them?

lukasz.bromirski.net
Kevin Karhan Sep 25

@X00001 granted for something like this there's #Blackholing at the #IX level as an option.

Show threadKevin Karhan May 2, 2025

@jherazob @leberschnitzel they already exist...

I think it's bad #TechPopulism to think that #Anubis will fix all the issues.

Just block all the #GAFAMs ASNs & #hosters that host #Scrapers so the industry cracks down harder on them than on #IRC, #Tor #ExitNodes, #CSAM & #BitTorrent combined!

Kevin Karhan :verified: (@[email protected])

@[email protected] what we should do is *literally* [block](https://github.com/greyhat-academy/lists.d/blob/main/scrapers.ipv4.block.list.tsv) all the #scapers network-wide (as per IP block allocation) and #DROP all traffic to/from them, because #Anubis requiring #JavaScript makes it #ableist and bricking #TUI browsers like #LynxBrowser... - #OnionServices on #Tor / @[email protected] show [how it's done…](https://infosec.space/@kkarhan/114437837120770551)

Infosec.Space
Show threadKevin Karhan May 2, 2025

@varbin @f4grx @nixCraft @torproject Well, you can dynamically block them based off packet rate & amount of requests and rate-limit them as well as limit them in terms of transfer rate.

Not to mention you rarely see DDoS attacks from residential IPs and ISPs are quick to disconnect offending hosts upon reporting them, so worst-case one blocks a /24 for 24 hours.

  • This doesn't even account for the fact that #Skiddie-Tools like #LOIC are easily dstinguishable and filter for.

Again: if this is a real problem, any decent datacenter / hoster / upstream will gladly pick up the phone or reply to your support request via mail.

  • After all, they too don't like it when someone hammers their infrastructure, so they have a vested interest in #Blackholing bad traffic at the #IX level.

#DECIX even officially recommends that as a means to handle large-scale DDoS attacks and keep everyone else online.

  • To me a "#Layer7" solution like #Anubis comes way too late as it already incurs billable traffic at many hosters and datacenters and we don't want to cough up money because of someone else trying to #blackmail us (which is the #1 reason for DDoS'ers to do so!)…
The creators of TikTok caused my website to shut down

YouTube
Show threadKevin Karhan Apr 1, 2025

@LunaDragofelis Consider #blackholing entire #ASN|s like #aws and all the ofther #GAFAMs instead.

  • It's the only way to stop these #DDoS attacks!

https://www.youtube.com/watch?v=Hi5sd3WEh0c

The creators of TikTok caused my website to shut down

YouTube
Show threadKevin Karhan Mar 22, 2025

@osm_tech personally, I'd block all the #GAFAMs by their entire #ASN|s!

  • Fuck the crawlers; #Blackholing of their #DDoS attacks is the only feasible option!

  • Also send an #AbuseReport everytime they try that shite to them and all the providers from you till them...

Show threadKevin Karhan Feb 15, 2025

@snow Maybe consider a provider that allows you to do #Blackholing?

  • In fact that is something #DECIX advocates for: Stopping #DDoS at the #IX level!

#Contabo for example allows to book a dedicaded, managed #pfSense #Firewall woth their #dedicaded #Servers so you can just block entire ASNs aggressively.