Hello, I am looking for some help with Akamai or a contact from Akamai (or their client HollisterCo) We have an IP that is being blocked, but can’t get anywhere with their support without having an account with them and getting in touch with someone at Hollister is even more impossible. Any help would be greatly appreciated. Thank you, [cid:image001.png@01D5B5B4.6DD89970] Dmitriy Vaynshteyn Senior Systems Engineer 1835 Hicks Rd. Rolling Meadows, IL 60008 tel: 847.994.1111 | direct: 847.850.7894 | fax: 847.850.7902 http://www.infiniwiz.com<http://www.infiniwiz.com/> [Facebook]<https://www.facebook.com/infiniwiz> [Twitter]<https://twitter.com/infiniwiz> [LinkedIn]<https://www.linkedin.com/company/infiniwiz/> Happy with our service? Tell others by leaving a review<https://www.infiniwiz.com/experience/> or making a referral. <https://www.infiniwiz.com/referrals/> <https://www.infiniwiz.com/referrals/>
That is a common issue eyeball ISPs have with CDNs and security companies. The obvious technical contact is the CDN or security company, but they always redirect you to their client because they're "just doing what their client asked". Yes, please, reach out to Hollister's customer service department with a request to fix their web site (or tell you why they won't). See how far that gets you. Meanwhile, go buy some of their tacky apparel. On the "just doing what their client asked", what *IS* it that the client asked? Surely Hollister didn't develop some personal spite for Dmitriy's client and bock their IP address. No, more likely is that some algorithm (rightly or wrongly) lumped Dmitriy's client's IP in a list of bad actors for some reason and Hollister has chosen to block that category of bad actor. Hollister would be equally clueless as to what is actually happening. What the CDNs and security companies should respond with is something to the effect of, "We see 123.456.789.123 doing XYZ bad activity and it needs to stop before being allowed in." Ya know... the same way nearly every SPAM RBL works. You can then kill two birds with one stone: Dmitriy's client can now buy bad shirts and Dmitriy's client fixes whatever exploits are happening from their network. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "Dmitriy Vaynshteyn [infiniwiz]" <dmitriy.vaynshteyn@infiniwiz.com> To: nanog@nanog.org Sent: Wednesday, December 18, 2019 3:04:23 PM Subject: Akamai/HollisterCo Hello, I am looking for some help with Akamai or a contact from Akamai (or their client HollisterCo) We have an IP that is being blocked, but can’t get anywhere with their support without having an account with them and getting in touch with someone at Hollister is even more impossible. Any help would be greatly appreciated. Thank you, Dmitriy Vaynshteyn Senior Systems Engineer 1835 Hicks Rd. Rolling Meadows, IL 60008 tel: 847.994.1111 | direct: 847.850.7894 | fax: 847.850.7902 http://www.infiniwiz.com Facebook Twitter LinkedIn Happy with our service? Tell others by leaving a review or making a referral.
I’ve had a hard time internally getting people to answer questions around this or how to properly escalate what appears to be blocking related issues. I’m honestly at wits end with them. I’ll give you these links: https://community.akamai.com/customers/s/article/Why-is-Akamai-Blocking-Me-P... https://www.akamai.com/us/en/clientrep-lookup/ The reality is when you end up behind a NAT pool or shared IP set, this is entirely possible someone (or thing) is doing malicious activity. I’ve asked the teams to improve the errors presented to users in this case, so perhaps it will get better. If you have a specific reference ID you get back, you can send it to me in e-mail (text, no images please) and I’ll look it up to see what can be found. But this also falls into the category - we are performing the action based on our customer request/configuration. - Jared
On Dec 18, 2019, at 4:29 PM, Mike Hammett <nanog@ics-il.net> wrote:
That is a common issue eyeball ISPs have with CDNs and security companies.
The obvious technical contact is the CDN or security company, but they always redirect you to their client because they're "just doing what their client asked". Yes, please, reach out to Hollister's customer service department with a request to fix their web site (or tell you why they won't). See how far that gets you. Meanwhile, go buy some of their tacky apparel.
On the "just doing what their client asked", what *IS* it that the client asked? Surely Hollister didn't develop some personal spite for Dmitriy's client and bock their IP address. No, more likely is that some algorithm (rightly or wrongly) lumped Dmitriy's client's IP in a list of bad actors for some reason and Hollister has chosen to block that category of bad actor. Hollister would be equally clueless as to what is actually happening.
What the CDNs and security companies should respond with is something to the effect of, "We see 123.456.789.123 doing XYZ bad activity and it needs to stop before being allowed in." Ya know... the same way nearly every SPAM RBL works. You can then kill two birds with one stone: Dmitriy's client can now buy bad shirts and Dmitriy's client fixes whatever exploits are happening from their network.
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com
Midwest-IX http://www.midwest-ix.com
See More from Dmitriy Vaynshteyn [infiniwiz]
See More from Dmitriy Vaynshteyn [infiniwiz]
or making a referral.
I thank you for your efforts. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "Jared Mauch" <jared@puck.nether.net> To: "Mike Hammett" <nanog@ics-il.net> Cc: nanog@nanog.org Sent: Wednesday, December 18, 2019 3:56:17 PM Subject: Re: Akamai/HollisterCo I’ve had a hard time internally getting people to answer questions around this or how to properly escalate what appears to be blocking related issues. I’m honestly at wits end with them. I’ll give you these links: https://community.akamai.com/customers/s/article/Why-is-Akamai-Blocking-Me-P... https://www.akamai.com/us/en/clientrep-lookup/ The reality is when you end up behind a NAT pool or shared IP set, this is entirely possible someone (or thing) is doing malicious activity. I’ve asked the teams to improve the errors presented to users in this case, so perhaps it will get better. If you have a specific reference ID you get back, you can send it to me in e-mail (text, no images please) and I’ll look it up to see what can be found. But this also falls into the category - we are performing the action based on our customer request/configuration. - Jared
On Dec 18, 2019, at 4:29 PM, Mike Hammett <nanog@ics-il.net> wrote:
That is a common issue eyeball ISPs have with CDNs and security companies.
The obvious technical contact is the CDN or security company, but they always redirect you to their client because they're "just doing what their client asked". Yes, please, reach out to Hollister's customer service department with a request to fix their web site (or tell you why they won't). See how far that gets you. Meanwhile, go buy some of their tacky apparel.
On the "just doing what their client asked", what *IS* it that the client asked? Surely Hollister didn't develop some personal spite for Dmitriy's client and bock their IP address. No, more likely is that some algorithm (rightly or wrongly) lumped Dmitriy's client's IP in a list of bad actors for some reason and Hollister has chosen to block that category of bad actor. Hollister would be equally clueless as to what is actually happening.
What the CDNs and security companies should respond with is something to the effect of, "We see 123.456.789.123 doing XYZ bad activity and it needs to stop before being allowed in." Ya know... the same way nearly every SPAM RBL works. You can then kill two birds with one stone: Dmitriy's client can now buy bad shirts and Dmitriy's client fixes whatever exploits are happening from their network.
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com
Midwest-IX http://www.midwest-ix.com
See More from Dmitriy Vaynshteyn [infiniwiz]
See More from Dmitriy Vaynshteyn [infiniwiz]
or making a referral.
Problem is that I used their client rep lookup tool at https://www.akamai.com/us/en/clientrep-lookup/ and it showed that the IP was clean. Dmitriy Vaynshteyn Senior Systems Engineer 1835 Hicks Rd. Rolling Meadows, IL 60008 tel: 847.994.1111 | direct: 847.850.7894 | fax: 847.850.7902 http://www.infiniwiz.com Happy with our service? Tell others by leaving a review or making a referral. -----Original Message----- From: NANOG <nanog-bounces+notifications=infiniwiz.com@nanog.org> On Behalf Of Jared Mauch Sent: Wednesday, December 18, 2019 3:56 PM To: Mike Hammett <nanog@ics-il.net> Cc: nanog@nanog.org Subject: Re: Akamai/HollisterCo I’ve had a hard time internally getting people to answer questions around this or how to properly escalate what appears to be blocking related issues. I’m honestly at wits end with them. I’ll give you these links: https://community.akamai.com/customers/s/article/Why-is-Akamai-Blocking-Me-P... https://www.akamai.com/us/en/clientrep-lookup/ The reality is when you end up behind a NAT pool or shared IP set, this is entirely possible someone (or thing) is doing malicious activity. I’ve asked the teams to improve the errors presented to users in this case, so perhaps it will get better. If you have a specific reference ID you get back, you can send it to me in e-mail (text, no images please) and I’ll look it up to see what can be found. But this also falls into the category - we are performing the action based on our customer request/configuration. - Jared
On Dec 18, 2019, at 4:29 PM, Mike Hammett <nanog@ics-il.net> wrote:
That is a common issue eyeball ISPs have with CDNs and security companies.
The obvious technical contact is the CDN or security company, but they always redirect you to their client because they're "just doing what their client asked". Yes, please, reach out to Hollister's customer service department with a request to fix their web site (or tell you why they won't). See how far that gets you. Meanwhile, go buy some of their tacky apparel.
On the "just doing what their client asked", what *IS* it that the client asked? Surely Hollister didn't develop some personal spite for Dmitriy's client and bock their IP address. No, more likely is that some algorithm (rightly or wrongly) lumped Dmitriy's client's IP in a list of bad actors for some reason and Hollister has chosen to block that category of bad actor. Hollister would be equally clueless as to what is actually happening.
What the CDNs and security companies should respond with is something to the effect of, "We see 123.456.789.123 doing XYZ bad activity and it needs to stop before being allowed in." Ya know... the same way nearly every SPAM RBL works. You can then kill two birds with one stone: Dmitriy's client can now buy bad shirts and Dmitriy's client fixes whatever exploits are happening from their network.
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com
Midwest-IX http://www.midwest-ix.com
See More from Dmitriy Vaynshteyn [infiniwiz]
See More from Dmitriy Vaynshteyn [infiniwiz]
or making a referral.
Here’s the deal… I’ve pieced this together entirely from data available outside of Akamai. It does not involve any knowledge I gained at Akamai unless I’ve also been able to identify that information through an independent public source. Akamai’s system here is designed to make their customers happy without much regard for their customer’s customers. Customers have control over their web application firewall and what it blocks. Akamai doesn’t (exactly) directly control it. However, customers can subscribe to reputation information and make automated decisions about blocking in their WAF based on that reputation information. Akamai takes customer confidentiality very seriously. Mostly this is a good thing, but it creates a real catch 22 for web users caught in this circumstance. If it’s any consolation, I ran into this several times while I was working at Akamai and didn’t have any better ability to get resolution than what is being reported here. Akamai NOC can’t tell you what’s happening because that would violate their customer’s confidentiality. It’s often very difficult for you to reach anyone with a clue at the company in question, and, even if you manage to do so, they’ll say “but Akamai runs that for us, you should call them.<click>” I’ve given up on this ever getting better. Owen
On Dec 18, 2019, at 2:11 PM, Dmitriy Vaynshteyn [infiniwiz] <dmitriy.vaynshteyn@infiniwiz.com> wrote:
Problem is that I used their client rep lookup tool at https://www.akamai.com/us/en/clientrep-lookup/ and it showed that the IP was clean.
Dmitriy Vaynshteyn Senior Systems Engineer 1835 Hicks Rd. Rolling Meadows, IL 60008 tel: 847.994.1111 | direct: 847.850.7894 | fax: 847.850.7902 http://www.infiniwiz.com Happy with our service? Tell others by leaving a review or making a referral.
-----Original Message----- From: NANOG <nanog-bounces+notifications=infiniwiz.com@nanog.org> On Behalf Of Jared Mauch Sent: Wednesday, December 18, 2019 3:56 PM To: Mike Hammett <nanog@ics-il.net> Cc: nanog@nanog.org Subject: Re: Akamai/HollisterCo
I’ve had a hard time internally getting people to answer questions around this or how to properly escalate what appears to be blocking related issues. I’m honestly at wits end with them.
I’ll give you these links:
https://community.akamai.com/customers/s/article/Why-is-Akamai-Blocking-Me-P... https://www.akamai.com/us/en/clientrep-lookup/
The reality is when you end up behind a NAT pool or shared IP set, this is entirely possible someone (or thing) is doing malicious activity. I’ve asked the teams to improve the errors presented to users in this case, so perhaps it will get better.
If you have a specific reference ID you get back, you can send it to me in e-mail (text, no images please) and I’ll look it up to see what can be found.
But this also falls into the category - we are performing the action based on our customer request/configuration.
- Jared
On Dec 18, 2019, at 4:29 PM, Mike Hammett <nanog@ics-il.net> wrote:
That is a common issue eyeball ISPs have with CDNs and security companies.
The obvious technical contact is the CDN or security company, but they always redirect you to their client because they're "just doing what their client asked". Yes, please, reach out to Hollister's customer service department with a request to fix their web site (or tell you why they won't). See how far that gets you. Meanwhile, go buy some of their tacky apparel.
On the "just doing what their client asked", what *IS* it that the client asked? Surely Hollister didn't develop some personal spite for Dmitriy's client and bock their IP address. No, more likely is that some algorithm (rightly or wrongly) lumped Dmitriy's client's IP in a list of bad actors for some reason and Hollister has chosen to block that category of bad actor. Hollister would be equally clueless as to what is actually happening.
What the CDNs and security companies should respond with is something to the effect of, "We see 123.456.789.123 doing XYZ bad activity and it needs to stop before being allowed in." Ya know... the same way nearly every SPAM RBL works. You can then kill two birds with one stone: Dmitriy's client can now buy bad shirts and Dmitriy's client fixes whatever exploits are happening from their network.
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com
Midwest-IX http://www.midwest-ix.com
See More from Dmitriy Vaynshteyn [infiniwiz]
See More from Dmitriy Vaynshteyn [infiniwiz]
or making a referral.
On Wed, Dec 18, 2019 at 1:57 PM Jared Mauch <jared@puck.nether.net> wrote:
I’ll give you these links:
https://community.akamai.com/customers/s/article/Why-is-Akamai-Blocking-Me-P... https://www.akamai.com/us/en/clientrep-lookup/
Thanks Jared. Would be great if this returns v6 reputation as well. Btw TTFB to v6ds.iplookup.akamai.com is 1 minute.
participants (5)
-
Dmitriy Vaynshteyn [infiniwiz]
-
Jared Mauch
-
Mike Hammett
-
Owen DeLong
-
Yang Yu