From a network topology perspective, and for flows, AS29852 looks a lot
We are indeed doing so. As a symmetric gigabit and above last mile provider (we have 2.5, 5 and 10 Gbps to the home customers in Manhattan) the very rare instances where a customer becomes compromised or a malicious traffic source are worse than the usual. like a hosting company/colo company in NYC with high throughput outbound endpoints. But we are not, we're a condo and apartment focused last mile provider that just happens to provide ridiculously fast speed to the customers. In terms of abuse we have the usual ongoing issues to deal with that are faced by any provider that operates free amenity wifi in public spaces (roof terraces, lobbies, social rooms etc) in large condo buildings. We have some sites that are 600 suites in one building. We just got the following from Akamai. This present issue may have been exacerbated by something going on inside their DNS operations. =========== Thanks for sharing the reference error, it belongs to Thu, 17 Aug 2023 17:42:04 GMT. The traffic was not denied here due to any security rules but there were DNS connection issues with a set of Akamai servers in North America yesterday and the issue was mitigated. If you are still getting reports of any issues, please share with us. This was a widespread incident where end-users faced connection timeouts accessing Akamai's customer sites in North America. We can confirm that the issue is now resolved as of 19:50 UTC on August 17, 2023 and the service has resumed normal operations. https://www.akamaistatus.com/incidents/jfjr19vjlb3l On Fri, Aug 18, 2023 at 12:38 AM Dobbins, Roland < Roland.Dobbins@netscout.com> wrote:
On 18 Aug 2023, at 08:28, Eric Kuhnke <eric.kuhnke@gmail.com> wrote:
Additionally this appears to have a strong correlation with everything that is hosted by Akamai Edge. Akamai, we are a fairly mundane last mile operator…
It might be a good idea to analyze your outbound traffic in order to determine if you/your customers have DDoS-capable bots and/or abusable reflectors/amplifiers on your/their networks which are being leveraged in attacks.