On Dec 9, 2009, at 11:03 PM, Scott Howard wrote:
They are (authenticated-required) proxy servers with 10's of thousands of users behind them, so it's possible that they were seeing some bot-like traffic from them, although the volume would have been tiny compared to the volume of legitimate traffic.
So, if, say, AT&T customers are getting zorched from traffic behind those proxies, then blocking them would make sense, no? ;> Do you have visibility into the traffic into/out of those proxies, in order to determine if there's DDoS or spam or other undesirable traffic emanating from them? ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> Injustice is relatively easy to bear; what stings is justice. -- H.L. Mencken