NeoProtect down
Looks like they ate a massive attack and Datapacket(their only upstream that was also used for mitigation of large attacks) has nullrouted them. All locations are down, and downstreams are affected.
Last update:
https://bgp.tools/as/199414
https://status.neoprotect.net/incidents/kdmtx0wk3h1l
Comments
I've never used Neoprotect or any services like them so excuse my ignorance, but do they just rely on CDN77/DP for volumetric mitigation? I always assumed they had their own filtering and could use any upstream.
Edit: There's many large dedicated server companies like Limestone that use Neoprotect, I'm guessing that means all of the clients of those datacenters/server providers that have IPs for mitigation are also down eh, pretty bad situation to be in.
For them to get dropped from CDN77/DP is surprising. I use them in Singapore and they've eaten multi-terabit attacks against some of my clients with no problems.
ExtraVM - KVM NVMe VPS in USA, EU, APAC -|- RackColo - Find Colo - Discord: mikea (DM before adding)
They use them for pre-filtering basically, they have their own filtering for more sophisticated and application layer attacks, but all these big attacks are tanked by DP.
NeoProtect doesn't have much of their "own" capacity, they heavily rely on Datapacket filtering large attacks.
They have updated their status with this, now
Spicy, now they know a few TB's will make the BGP sessions drop.
It doesn't even have to last for one hour to take them down for 1 day or more.
Free NAT KVM | Free NAT LXC
To be fair, I don't blame Datapacket for dropping them at all, realistically NeoProtect are a small customer abusing the fuck out of DP's dirt cheap, large capacity ddos protection.
Datapacket charges only $100 for their "advanced" protection, that they use all the time to tank massive attacks, its their entire business model.
As i said, they had little of own capacity, and only filtered what wasn't already filtered by DP protection.
Afaik these recent attacks caused issues for the whole Datapacket infra.
It reminds me of TCPShield getting kicked out of OVH recently, because entire Miami location was having issues due to their attacks. It operated in a similar fashion, abusing low-cost mitigation.
Edit: I have no idea if NeoProtect also paid $100 per location, like I was quoted, they could have some special agreement that I'm not aware of, but judging by how this situation was handled, I doubt it.
So you telling me, they gonna Deadpool next week?
Free NAT KVM | Free NAT LXC
Afaik pretty much their all infra was just dedis from Datapacket, rented. So if they were to get kicked out entirely, I could see it being a massive issue, larger than it already is.
Still down, 16h and counting. So are many of their downstreams, which appeared to be singlehomed with NeoProtect.
No further updates have been posted to their status page.
Latest update: they've been completed booted by CDN77.
https://status.neoprotect.net/incidents/kdmtx0wk3h1l
The Ultimate Speedtest Script | Get Instant Alerts on new LES/LET deals | Cheap VPS Deals | VirMach Flash Sales Notifier
FREE KVM VPS - FreeVPS.org | FREE LXC VPS - MicroLXC
Sucks, we all benefit from more DDoS protection providers, but its completely reasonable for DP to pull the plug considering the issues these attacks brought.
Hopefully their backup "game protection" infra at OVH won't get targeted, as they would also get kicked out from there.
I would love to see their on-premise offering be competitive to something like Wanguard, there is even less of good on-premise mitigation companies, than remote.
R.I.P NeoProtect
Bad news for all other DDOS protection providers that use CDN77/DP ?
Yup, looks like it. I've heard of other providers also getting a boot from CDN77/DP for using them as a pre-filter.
Again, a reasonable move from DP, but sucks. All it took was game hosting kids to ruin it all.
For comparison, real enterprise DDoS mitigaton as Akamai Prolexic, see nowhere close 30 Tbps attacks
https://www.akamai.com/blog/security/akamai-blocked-419-tb-of-malicious-traffic with 1.4 Tbps peak
https://www.akamai.com/blog/security/ddos-attack-trends-2024-signify-sophistication-overshadows-size this year they've said it was still one of the biggest attacks, seems like they had something around 2 Tbps in Oct 2024, but its still nowhere close what game servers attract.
And they aren't charging $100/mo for their protection
It all comes down to skiddery, and virtual dick measuring contests among gamers with access to botnets.
Afaik the attacks against NeoProtect were directed at Rust servers at one of their downstreams, and now it has moved to Path.
Datapacket has introduced new policies, they now have AUP, DMCA, and DSA policies.
Here is the new DDoS protection policy
But what I find more concerning, is the following policy which is also new and allows for very broad overreach
But that's a topic for another thread. I will be avoiding Datapacket network from now on.
Good luck enforcing that one. The clause reads like a PR shield, not an enforceable policy. “Misinformation” and “propaganda” are legally slippery and you’d need to prove intent, define truth, and survive free speech challenges. The cost of litigating even one case would outweigh the clause’s value. It’s more about optics than anything substantial.
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop? | In my cave if you need me ping me.
It's a commercial relationship - I don't see how you're going to make a "free speech" argument stick.
True, it’s a commercial relationship, but that doesn’t eliminate the problem. The issue isn’t whether a free speech claim “sticks,” it’s that every dispute forces the company into proving intent, defining truth, and burning legal hours. Enforcement becomes a cost sink regardless of outcome.
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop? | In my cave if you need me ping me.
Curious about how the other well known DDOS protection hosts that use CDN77 are handling this.
Honestly, you dont need that much to prove it. Just look up "defamation lawsuit".
Here in singapore, you can and will be held liable for making a facebook or social media post.
A negative comment or negative review that harms the company (or entity) can land you in legal hot water where you may be held liable and required to pay a fine to cover the monetary loss that happened "after" your post, regardless of whether it was a correlation or causation...
According to the legal advice from actual lawers:
(quoted from https://www.hg.org/legal-articles/facebook-and-social-media-defamation-in-singapore-67747)
Free speech? That's only for the rich. You and I are too poor to afford it.
So we have a total of 18.4 quintillion blocks of 18.4 quintillion IPv6 IPs?!?
It’s OK if you disagree with me. I can’t force you to be right!
SG has no bearing on a US company or US Law.
They may have to operate by SG law IF they have a physical presence there but as far as I know that is all. Then only that division has to abide by those laws not the entire company.
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop? | In my cave if you need me ping me.
Well, USA also has defamation law and no, free speech does not protect you from that. It is up to the court to decide:
https://www.law.cornell.edu/wex/defamation
So companies usually have some form of ToS to protect themselves from being roped in such lawsuits.
So we have a total of 18.4 quintillion blocks of 18.4 quintillion IPv6 IPs?!?
It’s OK if you disagree with me. I can’t force you to be right!
Prove it. If you are able then 3/4 of social media would disappear over night.
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop? | In my cave if you need me ping me.
Ya, no, I am not going down that rabbit hole again. Look up your own countries cases and laws or call your lawer and ask.
Here is a good staring point: https://www.freedomforum.org/famous-defamation-cases/
So we have a total of 18.4 quintillion blocks of 18.4 quintillion IPv6 IPs?!?
It’s OK if you disagree with me. I can’t force you to be right!
A new DMCA policy is interesting, given that many VPN providers use it and attract hundreds or thousands of DMCA notices each day. Maybe it's because of that DISH lawsuit a while back, or they're just tightening their policies in general. I wonder how this will affect VPNs.
Contract law in the U.S. is clear: any ambiguity in a contract is interpreted in favor of the signer, not the drafter. For that clause to be enforceable, it would need to define exactly what constitutes “defamation.”
Saying “this company sucks” is opinion is not defamation, and there’s nothing anyone can do about it. On the other hand, saying “this company steals client data” without proof could be defamation, but even then the burden is on them to prove both falsity and damages.
What you’re looking at is boilerplate jargon — it sounds intimidating, but in practice it’s just there to give the drafter cover. It doesn’t actually carry the weight they want you to think it does.
No I am not a lawyer but, I have spent my entire life dealing with the US Government.
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop? | In my cave if you need me ping me.