We have a firewall (was Re: Pakistan government orders ISPservice level agreement)

Scott Granados scott at wworks.net
Wed May 7 14:43:18 UTC 2003

And I think teh bottom line from all this is to use some of the numbers You
provided which will help us get better results.  I certainly wrote them

----- Original Message ----- 
From: "Christopher L. Morrow" <chris at UU.NET>
To: "Tim Wilde" <twilde at dyndns.org>
Cc: "John Payne" <john at sackheads.org>; <nanog at merit.edu>
Sent: Tuesday, May 06, 2003 10:37 PM
Subject: Re: We have a firewall (was Re: Pakistan government orders
ISPservice level agreement)

> On Wed, 7 May 2003, Tim Wilde wrote:
> >
> > I've had the exact opposite experience when calling UUnet.  I was told
> your upstream, InterNap I believe, called on your behalf, I believe I
> also spoke directly with you or someone from dyndns... in the particular
> case I am thinking of, about 2 weeks ago perhaps, we did trace the flood 3
> times the same day. This information was provided to your upstream
> provider.
> Calling the NOC, as I said before (which you most likely actually called
> the customer service number which isn't the NOC), is not productive
> because no one in the NOC (or customer service group) has anyway to
> authenticate that Tim is Tim from dyndns and not Tim from Savvis... or Tim
> from UltraDns now trying to social engineer some 'outage' for their good
> friends at DynDns :( (of course the names used are fictional and the
> companies are used as a convenience for the example, nothing more)
> > no uncertain terms that they WOULD NOT let me speak with ANYONE if I was
> > not a customer, despite 10s of megabits of DDoS coming through their
> > network to mine.  Maybe you called the right people, but UUnet's main
> Yes, your upstream, as I recall, Internap did call and we did help them to
> the best of our ability, given the attack I recall... I can't remember the
> specifics and for that I apologize...  :(
> > line certainly had no interest in helping us.  And when our upstream who
> > is a UUnet customer called them, they refused to even perform a
> > without a subpoena in hand for the results of that backtrace.
> >
> as I said, for the attack I recall this was not the case. If the attack
> was perhaps all UDP and not spoofed we don't bother tracing since its not
> spoofed... perhaps that was the case?

More information about the NANOG mailing list