William Pitcock wrote:
On Sun, 2009-07-26 at 22:37 -0700, Shon Elliott wrote:
chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However, I believe the reason they are being blocked at AT&T is the main reason I supplied on my first post. The DDoS attack issue is the main ticket here. The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
Actually, they are. They are returning responses to hundreds of thousands of SPOOFED SYN requests. Where do you think those are gonna go? The ACKs are gonna come back to the network in which IPs were SPOOFed from, essentially, causing a DDoS on a network not even really involved.
{citation needed}.
It is possible to send spoofed ACK responses without the SYN ever happening in the first place. At any rate, you would think that if this was really going on that status.4chan.org would have an update on the topic.
Regardless of that, I have logs from firewalls to show that it's happening. So what, do I have to post them here to prove that it's happening?
It is widely known that AT&T loves censorship. They love censorship because it is profitable for them to love censorship, and this isn't the first time they have enmasse blocked access to a website they didn't like. This has nothing at all to do with forged ACK responses, and everything to do with content.
Yes, they do love censorship. I agree. You got me there.. But for ME it was about the forged ACK responses. I already lifted my block on it some time ago. It was temporary while I figured out some other ways to lessen the attack.
AT&T does not have the right to filter what their users can access, period. You can put all the spin on it that you want, but in the end it's about content.
I'm not putting any spin on why they did what they did. I'm just stating I know some of the facts and saying what I did and WHY I did it.
If this was about protecting their network, then they could do that in a different way, period end of story.
Maybe they can. I don't know the situation. For a small ISP such as us, we don't have a lot of alternatives. It's not like we're made of AT&T's billions of dollars.
It's not because of content, or to piss people off. It's to protect their network, as any of you would do when you got DDoSed on your own networks. They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
Is that some kind of threat or what? Why would you even make a statement like that?
Do not underestimate the power of teenagers living in their parents' basement. There's a lot of them, and they can't access their favourite website anymore.
This is going to result in a lot of these families switching to Cable or an alternative DSL provider.
I bet if half of the parents knew what their kids were doing on the internet... this wouldn't be a problem.
It's damage control, It's a damage challenge.
essentially, until they find out who is involved and block them, then they'll likely lift the block. They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
They don't have the right to protect their network? So you're saying, if someone is DDoSing your network either direct or indirect, the network operator is just supposed to sit there and do nothing while all of it's customers get crappy internet service because of something they probably don't even know about or care about.
They have the right to protect their network, but not at the cost of reducing neutrality. But luckily we live in a free market, and AT&T is about to lose a lot of business because of that block. If I were them, I would fix it now, and be extremely apologetic about this happening.
Okay, so how do YOU block the attacks from eating up your bandwidth and filling up your logs without blocking the entire IP?
This ISN'T the first time this has happened. Don't cut it off there. This ISN'T the first time it's happened, as 4chan goes through DDoSes from script kiddies on a regular basis, and it harms lots of networks along the way in the process.
No, he means, this isn't the first time AT&T has degraded service as a matter of policy.
I suppose that's possible. I've been on AT&T's network as a home user and have not really experienced that before.
Exactly.
Now you see the problem ?
The problem is the DDoS attacks. Not AT&T. 4chan's users constantly instigate this. Chris Poole needs to do more than just sit back and watch. He needs to start collecting this information and turning it in to the authorities, because all of this is convered under domestic terrorism as a cyber-crime. I'm betting there's reasons why he hasn't. He's afraid to get into trouble himself on some of the content that's posted to /b/... whether it's there 5 seconds or 5 minutes. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
There you go right there. It's about the content. End of story.
No, the problem is that he won't do anything about it. I doubt AT&T is doing it for censorship reasons, but that's speculation on my part. But don't sit there and take the second half of my sentence to make a point like that. Chris CAN do something about it, he just won't. Why do you think that is?
William