did facebook just DoS me?

Damian Menscher damian at google.com
Tue Apr 4 19:04:20 UTC 2017

It might have been even more innocent than that.  There are some really
crappy consumer-grade firewalls out there that say "DoS Attack" any time
they receive an unexpected packet.  This most commonly occurs when the
device reboots (power outage) and a live TCP connection sends a keepalive
or a RST.  The end result is a flood of emails from customers to the [email protected]
address of every major web company.  I'd love to track down the
manufacturers of these devices and get them to stop their fearmongering....


On Tue, Apr 4, 2017 at 9:35 AM, Compton, Rich A <Rich.Compton at charter.com>

> Any proof that you can provide that Facebook did indeed DoS you?  Unless
> it is an attack after a tcp 3-way handshake I highly doubt that it was
> actually Facebook and probably an attacker spoofing Facebook¹s source IPs
> (perhaps in hopes that the source IPs would be on your whitelist and not
> be blocked).
> Rich Compton  |      Principal Eng     |  314.596.2828
> 14810 Grasslands  Dr,    Englewood,      CO    80112
> On 4/3/17, 4:46 PM, "NANOG on behalf of Miguel Mata"
> <nanog-bounces at nanog.org on behalf of mmata at intercom.com.sv> wrote:
> >Guys and gals,
> >
> >just received a DoS from supposedly Facebook. Any contact of way of
> >getting in touch with
> >them?
> >
> >Thanks.
> >
> >
> The contents of this e-mail message and any attachments are intended
> solely for the addressee(s) and may contain confidential and/or legally
> privileged information. If you are not the intended recipient of this
> message or if this message has been addressed to you in error, please
> immediately alert the sender by reply e-mail and then delete this message
> and any attachments. If you are not the intended recipient, you are
> notified that any use, dissemination, distribution, copying, or storage of
> this message or any attachment is strictly prohibited.

More information about the NANOG mailing list