Re: Cogent Layer 2

2020-10-20 Thread Bottiger
Some of their routers in Houston are blocking random flows for us since Friday. Support has been contacted and they claim nothing is wrong. It is still broken today. On Wed, Oct 14, 2020 at 10:38 AM Mike Hammett wrote: > Are any legitimate beefs with Cogent limited to their IP policies, BGP >

Re: TCP-AMP DDoS Attack - Fake abuse reports problem

2020-02-24 Thread Bottiger
I thought you said this on your blog?  https://blog.octovpn.com/the-ddos-that-bans-you/ [https://blog.octovpn.com/the-ddos-that-bans-you/] "We are the first VPN on the market to come up with a solution for this, and that's why we are who we are. We're keeping our method completely private for no

Re: UDP/123 policers & status

2020-03-28 Thread Bottiger
> > but why isn't BCP 38 widely deployed? > Because it costs time and money. People have been asking for it to be implemented for decades. It is never going to be deployed on every network. What fraction of the > world does implement BCP 38? > Not enough. Everyone has to use it for it to work.

Best way to get foreign ISPs to shut down DDoS reflectors?

2020-04-23 Thread Bottiger
Is there a guide on how to get foreign ISPs to shut down reflectors used in DDoS attacks? I've tried sending emails listed under abuse contacts for their regional registries. Either there is none listed, the email is full, email does not exist, or they do not reply. Same results when sending to wh

Re: Best way to get foreign ISPs to shut down DDoS reflectors?

2020-04-23 Thread Bottiger
orget about it. > > On Fri, Apr 24, 2020 at 5:17 AM Bottiger wrote: > >> Is there a guide on how to get foreign ISPs to shut down reflectors used >> in DDoS attacks? >> >> I've tried sending emails listed under abuse contacts for their regional >> registries.

Re: Best way to get foreign ISPs to shut down DDoS reflectors?

2020-04-23 Thread Bottiger
d collectively focus on stopping the spoofed > traffic that allows these attacks to be generated in the first place. > > -Rich > > > > *From: *NANOG Email List on behalf of Bottiger < > bottige...@gmail.com> > *Date: *Thursday, April 23, 2020 at 3:32 PM > *To: *Si

Re: Best way to get foreign ISPs to shut down DDoS reflectors?

2020-04-24 Thread Bottiger
I highly doubt NTT or any other major transit provider would ever cut off Korea Telecom or China Telecom. And these are reflectors, they are not part of a botnet. On Thu, Apr 23, 2020 at 5:11 PM TJ Trout wrote: > Bottiger, > > If what you are saying is true and can be backed by documen

Re: Abuse Desks

2020-04-29 Thread Bottiger
It is rather easy to block SSH cracking attempts from your own side. Rarely do they put any significant load on your network or computer. I would sympathize with this except for the fact that abuse desks won't even respond to DDoS attacks, something that can't be fixed on your own end without spen

Looking for contacts at Hot-Net AS12849

2023-02-09 Thread Bottiger
Looking for contacts at Hot-Net AS12849 to fix a routing issue. Contacts listed on RIPE are unresponsive.

Anyone have contacts at Bharti Airtel?

2019-12-06 Thread Bottiger
Does anyone have any contacts at Bharti Airtel? I either get no response or full inbox for emails in their WHOIS at AS9498 and AS24560.

Is anyone able to contact GTT?

2019-12-10 Thread Bottiger
I sent an email to noc at gtt.net from 2 different emails and both got a reply saying: 5.1.0 - Unknown address error 550-'5.4.1 Recipient address rejected: Access denied [HE1EUR01FT058.eop-EUR01.prod.protection.outlook.com]' Not sure if this means if they are blocking my email or if their email i

Re: Is anyone able to contact GTT?

2019-12-18 Thread Bottiger
> On Tuesday 2019-12-10 06:58, Matt Harris wrote: > >On Tue, Dec 10, 2019 at 8:51 AM Bottiger wrote: > > >>I sent an email to noc at gtt.net from 2 different emails and both got a > >>reply saying: > >> > >> 5.1.0 - Unknown address error 550-

SNMP DDoS: the vulnerability you might not know you have

2013-07-31 Thread bottiger
Before you skim past this email because you already read the Prolexic report on it or some other article on the internet, there are 2 disturbing properties that I haven't found anywhere else online. 1) After sending abuse emails to many networks, we received many angry replies that they monitored

Re: SNMP DDoS: the vulnerability you might not know you have

2013-07-31 Thread bottiger
>set up to allow public queries of their information (not secured by even >> >keys), which no one should be comfortable with. People should never be >> >leaving the public access snmp strings on devices even if they are >> >internal. Edge blocking just masks the real issue. &g

Re: SNMP DDoS: the vulnerability you might not know you have

2013-07-31 Thread bottiger
devices that harm others through their lack of due diligence > implementing proper security. It's still way more effective than trying to > fix the *last instance* of the problem, instead of it's reasons for > enduring as an issue at a global scale. > > -Blake > >

Re: SNMP DDoS: the vulnerability you might not know you have

2013-07-31 Thread bottiger
I realize the root cause is security-oblivious designers and one level below that, lack of BCP38. But realistically those 2 problems are not going to be solved any time in the next decade. I have tested 7 large hosting networks only one of them had BCP38. To my knowledge it is practically impossi

Contact for Hetzner AS24940 and Host Europe AS20773?

2013-08-20 Thread bottiger
Anyone know of any contacts for Hetzner AS24940 and Host Europe AS20773? Thanks in advance.