Built by a former ISP engineer after 30 years on the frontlines. clone-DDOS Pro delivers dynamic, real-time threat intelligence to protect your infrastructure before attacks land.
30 years running ISP infrastructure taught us one thing: by the time you know you're under attack, it's already too late.
Traditional firewalls log what hits them. They have zero visibility on what is preparing to hit them. Your perimeter is invisible until the first packet arrives.
Spamhaus and similar services focus on spam/email. Threat IPs change constantly. By the time a list is updated, the attack vector has moved. You need real-time, not yesterday's data.
Enterprise-grade threat intelligence (CISCO, Akamai) is accessible only to large operators. Small and mid-size providers are left with open-source patchwork that requires deep expertise.
A distributed network of probes collects threat data from servers worldwide. Your firewall benefits from every observation made by every node.
One-line install on your server. The probe passively captures all unauthorized connection attempts via kernel-level logging.
Your observations — IP, port, ASN, country — are aggregated in real-time across all probes in the nearest GeoIP node.
Every participant benefits from the collective. An IP seen attacking a probe in Singapore protects a server in Paris within seconds.
Pro and Enterprise tiers push blocking rules directly to your firewall in real-time. No manual intervention required.
"I spent 30 years running ISP networks. Every DDoS, every intrusion attempt, every sleepless night taught me the same lesson: we were always one step behind."
— founder, clone-DDOS · former ISP engineerclone-DDOS Pro was built from real operational pain. Not a product roadmap. Every feature exists because someone needed it at 3am during an incident.
Block known attackers before they reach your services. Dynamic rules updated from live network observations.
The same threat visibility previously available only to major operators. Now accessible to any hosting provider.
Only network metadata collected. No packet contents, no user data. GDPR compliant by design.
Local retention configurable. Aggregate stats shared with the community. Raw data stays on your probe.
Spamhaus is excellent for email reputation. It was not built for infrastructure intrusion prevention. Here is the difference.
| feature | clone-DDOS Pro | Spamhaus | Enterprise SIEM |
|---|---|---|---|
| Real-time firewall updates | ✓ Pro+ | ✗ | ~ custom |
| Network intrusion focus | ✓ | ✗ email only | ✓ |
| Distributed probe network | ✓ | ~ | ~ vendor |
| Port & ASN intelligence | ✓ | ✗ | ✓ |
| Accessible to SMB/MSP | ✓ freemium | ~ basic free | ✗ enterprise only |
| Self-hosted option | ✓ | ✗ | ~ some |
| GDPR / privacy-first | ✓ | ~ | ~ varies |
| Price | free → subscription | free (limited) → $$ | $$$$$ |
No solution guarantees 100% protection. clone-DDOS Pro significantly reduces exposure surface through real-time collective intelligence.
No credit card required to start. Upgrade when your infrastructure demands more.
For individual contributors. Contribute your data, get visibility in return.
For hosting providers and MSPs managing multiple client servers.
For large operators, ISPs, and organizations with specific requirements.
Pricing will be announced at service launch. Early partners benefit from founding rates.
clone-DDOS started as an open, non-commercial project. The community platform remains free forever. Contribute your server's threat data, access global statistics, and help build the network that makes Pro possible.