[pktgen]

> Should CloudFlare play for judge and ban people that do not violate their terms? Because I'm sure they boot people that perform illegal activities on their network or otherwise harm their network from within, but I can see why they don't proactively take down any website mentioning "we offer DDoS attacks".

DDoS attacks are illegal in most countries, including the US where CloudFlare operates. It would be reasonable for them to include something in their terms about not allowing illegal activities. Then, if it's brought to their attention via a verifiable abuse complaint, yes, they should cease providing service to that user. They are a private company and do not have the obligation to provide service to any particular person; there is no "rights" issue here.

Proactively, as in proactively monitoring and reviewing each site they provide service to, would no doubt be a huge burden and difficult or impossible, but I don't think anyone has suggested that. The only thing they need to be doing is the same as any responsible ISP, have an abuse@ mailbox (which they do), review and take the appropriate action on complaints.