backbones filtering unsanctioned sites
morrowc.lists at gmail.com
Mon Feb 13 22:24:25 UTC 2017
On Mon, Feb 13, 2017 at 4:53 PM, Jean-Francois Mezei <
jfmezei_nanog at vaxination.ca> wrote:
> Cogent seems to have been very very silent on the issue.
why would they say anything at all? it's blatantly clear what's happened,
"lea order to block access"
no explanation necessary.
> Could this be because they got some police/NSA/FBI letter requiring
> confindentiality and requiring Cogent to snoop on all traffic to
unclear why you think snooping is happening? packets dont' return, nothing
to sniff... this is just a blackhole.
> 184.108.40.206 , and along with agreeing to comply, blocked all the
> requested traffic which means that their cooperation yield logs of what
> IP has made a SYN to 220.127.116.11 but since that SYN went nowhere,
my guess is that: "all of the internet" is syn'ing to that IP, because "all
of the internet" syns to all of my ips... scanning is always happening.
> contains no other information, so the agency gets its logs as requested,
> but with no actionable information in them ?
you are pushing for a conspiracy where none must exist.
> That would explain the block AND Cogent being coy/silent on issue.
they are not coy, the data is available.
> This could be a "protect users" move even though on the surface Cogent
> appears to be the bad guy.
> The other question is whether other major backbone providers got the
> same order and complied without telling ayone nor taking any action to
> In my case, the ISP I used has local peering with Cloudfare, so not
> affected. Not sure what percentage of users have local transit-free
More information about the NANOG