ast three
weeks or so.
Richard Bennett
-Original Message-
From: Seth Mattinen [mailto:se...@rollernet.us]
Sent: Monday, July 27, 2009 3:00 PM
To: 'nanog - n. am. network ops group list'
Subject: Re: AT&T. Layer 6-8 needed.
Richard Bennett wrote:
>
> In the case of the
Richard Bennett wrote:
>
> In the case of the ISPs and carriers who blocked access to 4chan for a while
> Sunday, since that was done in accordance with DDOS mitigation, there's not
> any issue as far as the FCC is concerned, but that hasn't prevented the
> usual parties from complaining about cen
nett
-Original Message-
From: Patrick W. Gilmore [mailto:patr...@ianai.net]
Sent: Monday, July 27, 2009 8:35 AM
To: nanog - n. am. network ops group list
Subject: Re: AT&T. Layer 6-8 needed.
On Jul 27, 2009, at 11:22 AM, Hiers, David wrote:
> I"m not a lawyer, but I think that the argu
On Jul 27, 2009, at 11:22 AM, Hiers, David wrote:
I"m not a lawyer, but I think that the argument goes something like
this...
The common carriers want to be indemnified from the content they
carry. In other words, the phone company doesn't want to be held
liable for the Evil Plot planned
r Services
2525 SW 1st Ave.
Suite 300W
Portland, OR 97201
o: 503-205-4467
f: 503-402-3277
-Original Message-
From: Jon Lewis [mailto:jle...@lewis.org]
Sent: Monday, July 27, 2009 6:58 AM
To: William Pitcock
Cc: nanog - n. am. network ops group list
Subject: Re: AT&T. Layer 6-8 need
On Jul 27, 2009, at 10:04 AM, John C. A. Bambenek wrote:
Because most of the net libertarians insist that they should do
whatever they want and everyone else should help cater to them.
Liberty for me but not for thee.
I am very much of the "my network, my rules" camp.
As soon as att pays bac
Because most of the net libertarians insist that they should do
whatever they want and everyone else should help cater to them.
Liberty for me but not for thee.
On 7/27/09, Jon Lewis wrote:
> On Mon, 27 Jul 2009, William Pitcock wrote:
>
>> It is widely known that AT&T loves censorship. They lo
On Mon, 27 Jul 2009, William Pitcock wrote:
It is widely known that AT&T loves censorship. They love censorship
because it is profitable for them to love censorship, and this isn't the
first time they have enmasse blocked access to a website they didn't
like. This has nothing at all to do with
On Sun, 26 Jul 2009, jamie wrote:
If any ISP of mine filtered my (where my = brick-and-mortar-corp) access to
any destination because of another customer (there are *always* technical
solutions to problems you describe, the one you implemented wouldn't even
make my list), you'd have one less cus
I posted it on Twitter. And I was talking with John at the time.
We're observing the information that is coming in, but it's hard to
verify something like that when:
A) We haven't heard from our contacts at AT&T.
B) The only information we are seeing "confirming" it is on open
mailing
g.org >> nanog
Subject: Re: AT&T. Layer 6-8 needed.
On Mon, Jul 27, 2009 at 1:37 AM, Shon Elliott wrote:
>
> Chris,
>
> Have you even read any of the other posts on here.
I fade in and out
>
> I have been talking about
> spoofed packets in this thread multiple tim
On Mon, Jul 27, 2009 at 1:37 AM, Shon Elliott wrote:
>
> Chris,
>
> Have you even read any of the other posts on here.
I fade in and out
>
> I have been talking about
> spoofed packets in this thread multiple times.
man engrish
>
> I do know what it is. I would appreciate you not making stupid
This only protects ISPs from, upon being served notice, being liable for
content
A majority of the CDA was overturned, as it violates both first and fifth
amendments. What is left of it only applies to ISPs PUBLISHING (*not*
filtering) content
This is Net Neutrality realm
On Mon, Jul 27, 2009
Chris,
Have you even read any of the other posts on here. I have been talking about
spoofed packets in this thread multiple times. I do know what it is. I would
appreciate you not making stupid comments like that.
chris rollin wrote:
> Apparently not
>
> Back to the kids' table !
>
>
> On Mo
: Monday, July 27, 2009 2:25 AM
To: William Pitcock
Cc: nanog - n. am. network ops group list
Subject: Re: AT&T. Layer 6-8 needed.
William Pitcock wrote:
> On Sun, 2009-07-26 at 23:15 -0700, Shon Elliott wrote:
>
>> Okay, so how do YOU block the attacks from eating up your
William Pitcock wrote:
> On Sun, 2009-07-26 at 23:15 -0700, Shon Elliott wrote:
>
>> Okay, so how do YOU block the attacks from eating up your bandwidth
>> and filling
>> up your logs without blocking the entire IP?
>>
>
> If I was AT&T, I would purchase DDoS filtering equipment and run it
Apparently not
Back to the kids' table !
On Mon, Jul 27, 2009 at 12:38 AM, William Pitcock wrote:
> On Sun, 2009-07-26 at 20:05 -0700, Shon Elliott wrote:
> > There has been alot of customers on our network who were complaining
> about ACK
> > scan reports coming from 207.126.64.181. We had no
On Sun, 2009-07-26 at 23:15 -0700, Shon Elliott wrote:
> Okay, so how do YOU block the attacks from eating up your bandwidth
> and filling
> up your logs without blocking the entire IP?
If I was AT&T, I would purchase DDoS filtering equipment and run it at
edge where all of my traffic is peering a
William Pitcock wrote:
> On Sun, 2009-07-26 at 22:37 -0700, Shon Elliott wrote:
>> chris rollin wrote:
>>> Shon wrote:
>>>
>>> Seth,
>>>
I said it could be, not that it is. Thanks for pointing that out. However,
>>> I
believe the reason they are being blocked at AT&T is the main reason
On Mon, 27 Jul 2009, William Pitcock wrote:
On Sun, 2009-07-26 at 20:05 -0700, Shon Elliott wrote:
There has been alot of customers on our network who were complaining about ACK
scan reports coming from 207.126.64.181. We had no choice but to block that
single IP until the attacks let up. It was
On Sun, 2009-07-26 at 22:37 -0700, Shon Elliott wrote:
>
> chris rollin wrote:
> > Shon wrote:
> >
> > Seth,
> >
> >> I said it could be, not that it is. Thanks for pointing that out. However,
> > I
> >> believe the reason they are being blocked at AT&T is the main reason I
> > supplied
> >> on
On Sun, 2009-07-26 at 20:05 -0700, Shon Elliott wrote:
> There has been alot of customers on our network who were complaining about ACK
> scan reports coming from 207.126.64.181. We had no choice but to block that
> single IP until the attacks let up. It was a decision I made with the
> gentleman
chris rollin wrote:
> Shon wrote:
>
> Seth,
>
>> I said it could be, not that it is. Thanks for pointing that out. However,
> I
>> believe the reason they are being blocked at AT&T is the main reason I
> supplied
>> on my first post. The DDoS attack issue is the main ticket here.
>
> The ACK s
Someone else posted on twitter, I saw it recently.
To make it even clearer, we'll take your data, sure. Just don't expect
us to jump on it until we verify with something solid.
chris rollin wrote:
Uh.
You posted on Twitter.
The most trusted name in [?]
On Mon, Jul 27, 2009 at 12:17 AM
Uh.
You posted on Twitter.
The most trusted name in [?]
On Mon, Jul 27, 2009 at 12:17 AM, John Bambenek wrote:
> We'll take data from **Trusted** sources.
>
> I'm just not going to take a public open mailing list post as evidence at
> this point.
>
>
> chris rollin wrote:
>
>> Shon wrote:
>
We'll take data from **Trusted** sources.
I'm just not going to take a public open mailing list post as evidence
at this point.
chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However,
I
believe the reason they are being
Shon wrote:
Seth,
> I said it could be, not that it is. Thanks for pointing that out. However,
I
> believe the reason they are being blocked at AT&T is the main reason I
supplied
> on my first post. The DDoS attack issue is the main ticket here.
The ACK storms arent coming from the 4chan servers
I must have misinterpreted "send us something confirming the AT&T 4Chan
outage / isc.sans.org" message.
My bad.
On Sun, Jul 26, 2009 at 11:39 PM, John Bambenek wrote:
> SANS ISC isn't soliciting technical reports, we're interested and looking
> at the issue with a particular eye to 4chan's hi
Seth,
I said it could be, not that it is. Thanks for pointing that out. However, I
believe the reason they are being blocked at AT&T is the main reason I supplied
on my first post. The DDoS attack issue is the main ticket here. It's not
because of content, or to piss people off. It's to protect th
SANS ISC isn't soliciting technical reports, we're interested and
looking at the issue with a particular eye to 4chan's history of pulling
pranks.
Then there is the blocking because of the DoS angle, which I admit,
doesn't seem to fit the facts in this case.
There are AT&T people on this lis
'Wireless backbone'?
K.
I have a dozen confirmations off list in every time zone. SANS ISC is
soliciting technical reports on this; It's on the EFF's Radar.
"This is not a drill"
If any ISP of mine filtered my (where my = brick-and-mortar-corp) access to
any destination because of another cust
http://status.4chan.org/
On Sun, 26 Jul 2009, jamie wrote:
No ears enclosing clue will be reached via normal channels at ~950E on a
Sunday, but this is clearly a problem needing addressing, resolution, action
and, who knows - suit?
http://www.hulu.com/watch/4163/saturday-night-live-ernestine
Shon Elliott wrote:
Jamie,
Unfortunately, that's not easy with wireless backbones. The customers don't have
their own "port". I also know for fact that 4chan is in the process of moving,
so what you're seeing could just be that. Them moving.
This is definitely not "them moving":
traceroute:
Someone just pointed out that I dumbassedly tracerouted to img.4chan.com,
which is a linkfarm.
img.4chan.org is also reachable from AT&T in NY:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 207.126.64.182, timeout is 2 seconds:
.!..!
Success rate is 40 percent (2/5), round-trip
Jamie,
Unfortunately, that's not easy with wireless backbones. The customers don't have
their own "port". I also know for fact that 4chan is in the process of moving,
so what you're seeing could just be that. Them moving.
Regards,
Shon Elliott
Senior Network Engineer
unWired Broadband, Inc.
j
It should be blocked at the complaining customer port.
Not nationwide, and certainly not without announcement.
On Sun, Jul 26, 2009 at 10:05 PM, Shon Elliott wrote:
> There has been alot of customers on our network who were complaining about
> ACK
> scan reports coming from 207.126.64.181. We
It seems like my blocking of 207.126.64.181 is pointless, because Level3 is also
blocking the entire net 207.127.64.0.
All I can say is.. oh well. Nothing we can do about it.
jamie wrote:
> All,
>
> It appears at AT&T (including DSL, and my own home service via u-verse)
> has unilaterally and
That host is not on any ThreatSTOP lists. (DShield, Cyber-TA,
Shadowserver, and several others).
>-Original Message-
>From: jamie [mailto:j...@arpa.com]
>Sent: Sunday, July 26, 2009 7:48 PM
>To: nanog@nanog.org
>Subject: Re: AT&T. Layer 6-8 needed.
>
>img.4cha
There has been alot of customers on our network who were complaining about ACK
scan reports coming from 207.126.64.181. We had no choice but to block that
single IP until the attacks let up. It was a decision I made with the gentleman
that owns the colo facility currently hosts 4chan. There was no
Perfectly reachable from AT&T in NY:
ny01-rtr#traceroute img.4chan.com
Type escape sequence to abort.
Tracing the route to img.4chan.com (208.73.210.27)
1 12.94.163.57 8 msec 4 msec 4 msec
2 cr1.n54ny.ip.att.net (12.122.131.238) [MPLS: Label 16370 Exp 0] 8 msec 8
msec 8 msec
3 ggr4.n54ny.i
img.4chan.org is the biggest site - I've already received six replies on top
of the list-replies confirming (b/c they saw this problem mentioned on
sites/blogs) filtering.
technical information, traces, bgp views (esp. from singly-homed T
customers), etc, encouraged
-jamie
>>
> I don't see a be
Joel Esler wrote:
I have read on another list this evening that AT&T DSL in SoCal is
blocking certain sites within 4chan.
I just tested and can confirm the blackhole is in Reno, too. One more
reason to dump ATT in addition to their trial dollar-per-gig thing
they're doing here.
~Seth
I have read on another list this evening that AT&T DSL in SoCal is
blocking certain sites within 4chan.
J
On Jul 26, 2009, at 9:48 PM, jamie wrote:
All,
It appears at AT&T (including DSL, and my own home service via u-
verse)
has unilaterally and without explanation started blocking webs
43 matches
Mail list logo
