Reply to post:

Silence of the WANs: FBI DDoS-for-hire greaseball takedowns slash web flood attacks 'by 11%'

Fred Flintstone Gold badge

Is it against the law to rent a ddos service and point it at its own command and control servers?

The challenge is verifying is the legitimacy of the resources of a DDoS provider. If they generate that through their own resources you'd be OK, but DDoS waves are typically generated by co-opting other people's resources (websites, IoT, breached machines, routers - as long as it can talk online), and in that case you're funding a criminal enterprise.

Attacking yourself is perfectly OK, but you best accurately document the process of choosing your choice of provider so you can prove due diligence. A legit DDoS provider (if such beast exists) must be able to certify how it generates its traffic and how it ensures it remains focused on legitimate targets, and will also demand a permission form from you for the same reasons.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020