AT&T. Layer 6-8 needed.

Shon Elliott shon at unwiredbb.com
Mon Jul 27 00:37:47 CDT 2009



chris rollin wrote:
> Shon wrote:
> 
> Seth,
> 
>> I said it could be, not that it is. Thanks for pointing that out. However,
> I
>> believe the reason they are being blocked at AT&T is the main reason I
> supplied
>> on my first post. The DDoS attack issue is the main ticket here.
> 
> The ACK storms arent coming from the 4chan servers
> It's just like the DNS attack (IN/NS/.).  It points to the stupidity of AT&T
> uppers
> SANS: Are you or arent you soliciting data?  I have some to confirm also
> 


Actually, they are. They are returning responses to hundreds of thousands of
SPOOFED SYN requests. Where do you think those are gonna go? The ACKs are gonna
come back to the network in which IPs were SPOOFed from, essentially, causing a
DDoS on a network not even really involved.




>> It's not
>> because of content, or to piss people off. It's to protect their network,
> as any
>> of you would do when you got DDoSed on your own networks.
> 
> They are going to get some first hand experience in what Protecting their
> Network
> involves real soon, now.  Blocking 4chan was an exercise in Stupidity
> 


Is that some kind of threat or what? Why would you even make a statement like that?


>> It's damage control,
> 
> It's a damage challenge.
> 
>> essentially, until they find out who is involved and block them, then
> they'll
>> likely lift the block.
> 
> They don't have the right to do this.  Not in their TOS/EULA/User-Agreement.
>  Not in any sane legal forum.  (I*A*AL)
> 

They don't have the right to protect their network? So you're saying, if someone
is DDoSing your network either direct or indirect, the network operator is just
supposed to sit there and do nothing while all of it's customers get crappy
internet service because of something they probably don't even know about or
care about.

>> This ISN'T the first time this has happened.
> 

Don't cut it off there. This ISN'T the first time it's happened, as 4chan goes
through DDoSes from script kiddies on a regular basis, and it harms lots of
networks along the way in the process.

> Exactly.
> 
> Now you see the problem ?
> 

The problem is the DDoS attacks. Not AT&T. 4chan's users constantly instigate
this. Chris Poole needs to do more than just sit back and watch. He needs to
start collecting this information and turning it in to the authorities, because
all of this is convered under domestic terrorism as a cyber-crime. I'm betting
there's reasons why he hasn't. He's afraid to get into trouble himself on some
of the content that's posted to /b/... whether it's there 5 seconds or 5 minutes.





More information about the NANOG mailing list