backbones filtering unsanctioned sites
Christopher Morrow
morrowc.lists at gmail.com
Mon Feb 13 22:24:25 UTC 2017
On Mon, Feb 13, 2017 at 4:53 PM, Jean-Francois Mezei <
jfmezei_nanog at vaxination.ca> wrote:
>
>
> Cogent seems to have been very very silent on the issue.
>
>
why would they say anything at all? it's blatantly clear what's happened,
right?
"lea order to block access"
no explanation necessary.
> Could this be because they got some police/NSA/FBI letter requiring
> confindentiality and requiring Cogent to snoop on all traffic to
>
unclear why you think snooping is happening? packets dont' return, nothing
to sniff... this is just a blackhole.
> 104.31.19.30 , and along with agreeing to comply, blocked all the
> requested traffic which means that their cooperation yield logs of what
> IP has made a SYN to 104.31.18.30 but since that SYN went nowhere,
>
my guess is that: "all of the internet" is syn'ing to that IP, because "all
of the internet" syns to all of my ips... scanning is always happening.
> contains no other information, so the agency gets its logs as requested,
> but with no actionable information in them ?
>
>
you are pushing for a conspiracy where none must exist.
> That would explain the block AND Cogent being coy/silent on issue.
>
>
they are not coy, the data is available.
> This could be a "protect users" move even though on the surface Cogent
> appears to be the bad guy.
>
> The other question is whether other major backbone providers got the
> same order and complied without telling ayone nor taking any action to
> block.
>
> In my case, the ISP I used has local peering with Cloudfare, so not
> affected. Not sure what percentage of users have local transit-free
> connections.
>
>
>
More information about the NANOG
mailing list