Introducing the BPF Tools

Published on by Marek Majkowski.

In a recent article I described the basic concepts behind the use of Berkeley Packet Filter (aka BSD Packet filter or BPF) bytecode for high performance packet filtering, and the xt_bpf iptables module. In this post I'll explain how we use BPF and xt_bpf as one tool to deal with large scale DDoS attacks. And, today, CloudFlare is open sourcing the tools we'…

Making code better with reviews

Published on by John Graham-Cumming.

In the past we've written about how CloudFlare isn't afraid to rip out and replace chunks of code that have proved to be hard to maintain or have simply reach end of life. For example, we wrote a brand new DNS server and replaced our old DNS infrastructure with it. Doing so was greatly helped by two things: a large test suite (that keeps…

Q&A with Ryan Lackey

Published on by Andrew A. Schafer.

Lackey being hoisted onto Sealand in the North Sea circa 2000 How did you get into computer security? I started using the Internet when I was young—in the early 1990s, before I was a teenager. I was drawn to security for two main reasons: First, I was interested in how individuals could stand up to large groups, even nation states, using mathematics. Also, learning about computer…

CloudFlare Acquires CryptoSeal

Published on by Matthew Prince.

We're excited to announce that CloudFlare has acquired the Trusted Computing and virtual private network (VPN) as a service company CryptoSeal. CryptoSeal was founded by Ryan Lackey, a well-known engineer in the security community whom we've admired for some time. The company was funded by Y Combinator and angel investors from the security community. At CloudFlare, our mission is to build a better Internet.…