
Ragebooter: ‘Legit’ DDoS Service, or Fed Backdoor? - nsp
http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/
======
GigabyteCoin
The "admission of guilt" came after Krebs needled the "suspect?" incessantly
via his personal Facebook chat about the illegitimacy of his business.

Does anybody else think that Poland was just trolling krebs at this point?

Krebs continues... "When I asked Poland to provide more information that I
might use to verify his claims that he was working for the FBI, the
conversation turned combative,"

I am pretty sure that Poland was already in full on defense mode when he told
krebs he worked for the FBI.

EDIT: Jesus christ Krebs... Seriously? "The victims can see the ragebooter.net
username of the logged in attacker because that info is, bizarrely, sent
within attack traffic."

If that isn't a blatant example that the company isn't trying to hide
anything, and that you're being an unrelenting paranoid security "expert" I
don't know what is.

Leave this man and his business alone. Just because he doesn't fit your
definition of being moral and just doesn't mean you should write up a witch
hunt about him on your blog.

~~~
d23
And is it really necessary for Krebs to post private conversations about the
22 year old's depression? At what point is this even about security? Krebs's
blog is starting to look more like tabloid journalism.

~~~
GigabyteCoin
Personally I was disgusted by Krebs' level of tact in "researching" this
entire article.

------
nisa
I don't understand how you can run an illegal service and use similar
pseudonyms and @gmail.com or @live.com e-mail addresses. Reminds me of these
excellent slides for opsec: <http://slideshare.net/grugq/opsec-for-hackers>

There are similar services available as Tor hidden services where you can pay
with bitcoin.

But I really don't understand why would anyone use this? Is this some form of
blackmailing for businesses that need to be online to generate money?

------
jzelinskie
I have some experience managing servers that were targeted by script kiddies
using services like this. Dealing with the attacks is usually pretty simple
due to clear ways to identify the traffic (i.e. the bots all have the same
useragent). However, if they're powerful enough to fully saturate your
connection, you're going to have a tougher time. It's great that sysadmins can
mostly get away with just paying for CloudFlare, nowadays.

What actually surprises me more about this article is that he is operating in
the United States. However, I'm not sure of the value of an "FBI backdoor" in
this situation. People "renting a botnet" are not usually important people
that I'd think the FBI should be spending their budget on.

~~~
adrow
There were some interesting comments below the post hinting that a lot of
these services are themselves using CloudFlare to protect against being taken
out by their competitors. The advantage to CloudFlare apparently being that
these booters also drive more users to their own services.

------
pronoiac
I have the feeling it's gotten some unwanted attention. Here's a cached
version:
[http://webcache.googleusercontent.com/search?q=cache:http://...](http://webcache.googleusercontent.com/search?q=cache:http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/&client=safari&hl=en&strip=1)

------
VMG
The web has become a very crazy place. I'm not sure I'm able to tell Neal
Stephenson novels and reality apart anymore.

~~~
mikeash
As usual, you can distinguish reality because it is the less believable of the
two.

