Sean Donelan wrote:
On Sun, 22 Jul 2007, Raymond L. Corbin wrote:
I agree. They are at least trying to clean up their network. If they are having a lot of problems with zombie bots that DDoS / Spam then this is a good way to stop it, for now. The small group of users can either use other nameservers or something like psybnc to connect if they want to get on IRC.
It doesn't seem to be rogue Cox engineers. Several major ISPs have all taken action against these particular IRC servers (not! IRC in general). They either re-direct the traffic to a cleaning server, or are blackholing the traffic completely.
Yes, it could have been some type of false positive; but when multiple ISPs all start re-acting to something, I think there might be more to the story. Especially when those ISPs are noted for not responding to incidents. One ISP, it might be the ISP. Multiple ISPs, gotta start looking at what has them disturbed.
Legit or not, well that's for each individual, because of the problem of Bots I'm happy that they are doing it, when my ISP stops me connecting to my IRC server I'll probably not be happy (actually I'd be *very* unhappy because I IPSec all traffic with the network it's on, but that's another story). Cox know they have a problem, they have taken steps which have been thought out to correct it. How many legitimate users use irc.vel.net from *.cox.net against how many bots use IRC from *.cox.net ... all a matter of numbers and risk. Not saying it's right or wrong, but am saying look at the numbers before making a personal call, and use your own server(s) for recursion if you can't accept what they have done to *their* DNS servers. of course if Cox is blocking DNS traffic from home users then I can see a reason to complain loudly. My $0.02... Regards, Mat