PlayStationNetwork blocking of CGNAT public addresses

Simon Lockhart simon at slimey.org
Sun Sep 18 14:06:50 UTC 2016


On Sun Sep 18, 2016 at 03:58:57PM +0200, Florian Weimer wrote:
> * Tom Beecher:
> > Simon's getting screwed because he's not being given any information to try
> > and solve the problem, and because his customers are likely blaming him
> > because he's their ISP.
> 
> We don't know that for sure.  Another potential issue is that the ISP
> just cannot afford to notify its compromised customers, even if they
> were able to detect them.

I'd like to think that we're pretty responsive to taking our users offline
when they're compromised and we're made aware of it - either through our own
tools, or through 3rd party notifications.

The process with Sony goes something like:

- User reports they can't reach PSN
- We report the Sony/PSN, they say "Yes, it's blocked because that IP attacked
  us"
- We say "Okay, that's a CGNAT public IP, can you help us identify the which
  inside user that is - (timestamp,ip,port) logs, or some way to identify the
  bad traffic so we can look for it ourselves"
- Sony say no, either through silence, or explicitly.
- We have unhappy user(s), who blame us.

Simon



More information about the NANOG mailing list