Re: DE-CIX vs Equinix
On 03 Aug 2015, at 15:50, Colton Conor colton.co...@gmail.com wrote: How does DE-CIX work if you want to cross connect over the exchange to another provider in a different on-net datacenter of the exchange in the same metro market? I’m not sure, but you may be looking for the GlobePEER service https://www.de-cix.net/products-services/globepeer/ This seems to be included in your port price. Regards, Marc
Re: GoDaddy : DDoS : : Contact
On 3 Aug 2015, at 21:19, Stephen Satchell wrote: And any half-awake server operator would have turned on SYNCOOKIES a long time ago. I hate to tell you this, but a) SYN-cookies aren't a perfect response, as servers don't have infinite resources, and b) stateful firewalls go down *all the time* under DDoS attacks. It might be a good idea to search the list archives for more on this phenomenon. There's also information available in the Arbor WISRs; I think the first time we explicitly asked in the survey about stateful devices going down under DDoS was in 2010: [Warning: free registration required, but you can opt-out of email as part of the registration process] http://www.arbornetworks.com/resources/infrastructure-security-report --- Roland Dobbins rdobb...@arbor.net
Re: ISPs/Carriers in LATA 138
I have Fiber / DOCSIS / EPON in some rural areas of LATA 138. Where exactly are you looking? Feel free to respond off list. On Mon, Aug 3, 2015 at 6:52 PM, kb3ien+na...@databit7.com wrote: I'm looking for a solution to provide one-weekend per year access in a rural area 20 km outside Binghamton NY, LATA 138. Can anyone provide any recommendations? Robin kb3ien
Re: [BULK] Verizon exiting California
Revision 7 (8/3/2006) That now explains why they were talking about ATM exchanges and DS3 international links... Speaking of Frontier peering... does anyone have a contact over there? They haven't responded to my e-mail. I didn't send more than one (I think) because I didn't want to be annoying. Some may call that an impossible task. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: Adam Rothschild a...@latency.net To: Christopher Morrow morrowc.li...@gmail.com Cc: nanog@nanog.org Sent: Monday, August 3, 2015 1:37:11 PM Subject: Re: [BULK] Verizon exiting California An additional advantage for Frontier customers, post acquisition: http://ipadmin.frontier.com/bilateralpeering_policy.pdf http://www.verizonenterprise.com/terms/peering/ $0.02, -a On Mon, Aug 3, 2015 at 2:12 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Mon, Aug 3, 2015 at 1:09 PM, Matthew Black matthew.bl...@csulb.edu wrote: I ran a few Google searches and came across a trove of complaints against Frontier. Seems they are far worse than GTE/Verizon. On the few occasions I have called for FIOS support, always reached someone knowledgeable and helpful. Not looking forward to the changeover, as the new owners have to pay off debts from their acquisition. That can only be accomplished through rate increases. I see a Verizon tech outside my kitchen window every two to three days as he replaces two nitrogen tanks keeping copper trunks pressurized against water intrusion. though, on the positive side... maybe you'll see ipv6 on frontier fios before the heat death of the universe? (*which is when vz fios folk will see it, apparently).
ISPs/Carriers in LATA 138
I'm looking for a solution to provide one-weekend per year access in a rural area 20 km outside Binghamton NY, LATA 138. Can anyone provide any recommendations? Robin kb3ien
Re: Quakecon: Network Operations Center tour
3. Aug 2015 21:38 by b...@debmi.com: The WiFi jammers have an interesting MO. They don't throw up static on the frequency, that would also block their own wifi. They spoof de-authentication packets. I've been looking for a way to detect this kind of jamming because my WiFi sucks and I live next to three hotels, what you get for living in downtown Atlanta. Blocking WiFi (jamming or deauth attacks) isn't allowed. The Marriott recently got slapped with a fine for doing so. Tell the FCC that the local hotels are doing it: https://www.fcc.gov/document/warning-wi-fi-blocking-prohibited http://arstechnica.com/tech-policy/2015/01/fcc-blocking-wi-fi-in-hotels-is-prohibited https://www.fcc.gov/encyclopedia/jammer-enforcement https://transition.fcc.gov/eb/jammerenforcement/jamfaq.pdf
Re: ISPs/Carriers in LATA 138
Try the local WISP. http://www.plexicomm.net/ Keefe On 8/3/2015 5:52 PM, kb3ien+na...@databit7.com wrote: I'm looking for a solution to provide one-weekend per year access in a rural area 20 km outside Binghamton NY, LATA 138. Can anyone provide any recommendations? Robin kb3ien
Re: Quakecon: Network Operations Center tour
On 4 Aug 2015, at 4:38, Mr Bugs wrote: They don't throw up static on the frequency, that would also block their own wifi. They spoof de-authentication packets. Sure - I'm saying, I don't see this anywhere, is it possible most of this activity is on 2.4GHz and not 5GHz? --- Roland Dobbins rdobb...@arbor.net
Re: Quakecon: Network Operations Center tour
Very interesting. I still have in ~/ a 6509 config I did for an early Quakecon (or some predecessor or similar event) as a favor for a friend in ~2003. The more things change... BTW, ISTR there's some dark fiber between Anatole and INFOMART. I'm sure there's somebody in the 'mart who could provide $REALLY_FAST connectivity if the fiber is still in place. On Sat, Aug 1, 2015 at 2:27 PM, Sean Donelan s...@donelan.com wrote: Non-work, work related information. Many NANOG geeks might be interested in this video tour of the Quakecon NOC tour. As any ISP operator knows, gamers complain faster about problems than any NMS, so you've got to admire the bravery of any NOC in the middle of a gaming convention floor. What Powers Quakecon | Network Operations Center Tour https://www.youtube.com/watch?v=mOv62lBdlXU
Re: Quakecon: Network Operations Center tour
hi mr bugs :-) On 08/03/15 at 05:38pm, Mr Bugs wrote: The WiFi jammers have an interesting MO. They don't throw up static on the frequency, that would also block their own wifi. They spoof de-authentication packets. I've been looking for a way to detect this kind of jamming because my WiFi sucks and I live next to three hotels, what you get for living in downtown Atlanta. i forgot if kismet showed signal strengths of the wifi ap's ... stronger signal wins over weaker signal strengths might not be a jamming issue ?? kismet and tcpdump might be able to show you the packets you're looking for ? what happens if you put up a properly designed wire mesh around the exterior windows of your house/condo/apt ?? i'd wag/blindly say the area is probably full of rogue wifi ap's floating around where everybody is trying to wardrive each other and pick up un-suspecting traveling visitor's login and passwd info ... signals bouncing off steel/concrete is not ez to filter out what should be random background white noise if you're sitting next to the radiating source .. pixie dust alvin # DDoS-Mitigator.net # DDoS-Simulator.net
Re: Quakecon: Network Operations Center tour
The WiFi jammers have an interesting MO. They don't throw up static on the frequency, that would also block their own wifi. They spoof de-authentication packets. I've been looking for a way to detect this kind of jamming because my WiFi sucks and I live next to three hotels, what you get for living in downtown Atlanta. On Mon, Aug 3, 2015 at 5:09 PM, Roland Dobbins rdobb...@arbor.net wrote: On 4 Aug 2015, at 4:03, mikea wrote: In the US, the FCC has ruled that wifi jammers violate one or more parts of the FCC Rules and Regs. I travel quite a bit worldwide, and I've never run into this. I run my portable AP on 5GHz, FWIW. --- Roland Dobbins rdobb...@arbor.net
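One way to look for the spoofed de-authentication traffic described in this message, as an added example that is not part of the original thread: count deauthentication and disassociation frames per BSSID in a sliding time window and flag bursts. It assumes each frame starts at the 802.11 MAC header (radiotap header already stripped); the addresses, the threshold and the sample capture are constructed for illustration.

```python
"""Flag bursts of 802.11 deauthentication / disassociation frames in a capture."""
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC, BEACON = 12, 10, 8      # management-frame subtypes
BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed sample addresses (locally administered), not taken from the thread.
AP1, AP2, STA = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:aa"


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_mgmt(frame):
    """Return (subtype, dst, src, bssid, reason) for deauth/disassoc frames, else None."""
    if len(frame) < 26:                    # 24-byte MAC header + 2-byte reason code
        return None
    fc0 = frame[0]
    version, ftype, subtype = fc0 & 0x3, (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    if version != 0 or ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None                        # not a management deauth/disassoc frame
    dst, src, bssid = frame[4:10], frame[10:16], frame[16:22]
    (reason,) = struct.unpack_from("<H", frame, 24)
    return subtype, mac(dst), mac(src), mac(bssid), reason


def find_bursts(capture, window=1.0, threshold=10):
    """capture: iterable of (timestamp_seconds, frame_bytes) in time order.

    Returns {bssid: {"first_seen", "peak", "broadcast"}} for every BSSID that had
    at least `threshold` deauth/disassoc frames inside one `window`.
    """
    recent = defaultdict(deque)            # bssid -> (timestamp, was_broadcast)
    alerts = {}
    for ts, frame in capture:
        parsed = parse_mgmt(frame)
        if parsed is None:
            continue
        _, dst, _, bssid, _ = parsed
        q = recent[bssid]
        q.append((ts, dst == BROADCAST))
        while q and ts - q[0][0] > window:
            q.popleft()
        if len(q) >= threshold:
            a = alerts.setdefault(
                bssid, {"first_seen": q[0][0], "peak": 0, "broadcast": 0})
            if len(q) > a["peak"]:
                a["peak"] = len(q)
                a["broadcast"] = sum(1 for _, is_bcast in q if is_bcast)
    return alerts


def build_frame(subtype, dst, src, bssid, reason=7):
    """Build a minimal management frame for the constructed sample below."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    header = bytes([subtype << 4, 0]) + b"\x00\x00" + raw(dst) + raw(src) + raw(bssid)
    return header + b"\x00\x00" + struct.pack("<H", reason)


def sample_capture():
    """Constructed capture: normal churn plus a 40-frame broadcast deauth burst."""
    cap = [
        (0.00, build_frame(BEACON, BROADCAST, AP1, AP1)),    # ignored
        (0.50, build_frame(DEAUTH, AP1, STA, AP1, 3)),       # one client leaving
        (2.00, build_frame(DISASSOC, STA, AP2, AP2, 8)),     # isolated, other BSSID
    ]
    cap += [(5.0 + i * 0.01, build_frame(DEAUTH, BROADCAST, AP1, AP1, 7))
            for i in range(40)]
    return sorted(cap, key=lambda item: item[0])


if __name__ == "__main__":
    for bssid, info in find_bursts(sample_capture()).items():
        print(f"{bssid}: {info['peak']} deauth/disassoc frames in 1 s, "
              f"{info['broadcast']} to broadcast, starting at t={info['first_seen']}")
```

The source address in these frames is unauthenticated, so the counter keys on the BSSID and the rate rather than on who claims to have sent them. Where clients and APs negotiate Protected Management Frames (802.11w), forged deauthentication frames are ignored by the receiver.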
Re: Quakecon: Network Operations Center tour
On 02.08.2015 23:36, Josh Hoppes wrote: We haven't tackled IPv6 yet since it adds complexity that our primary focus doesn't significantly benefit from yet since most games just don't support it. Our current table switches don't have an RA guard, and will probably require replacement to get ones that are capable. The lack of RA-guard/DHCPv6-guard can still bite you. A client can still send rogue RAs and set up a rogue DNS-server and start hijacking traffic as is preferred over A records by most operating systems these days. IPv6 first-hop security is really underrated these days and not providing the clients with IPv6 does not exclude IPv6 as a potential attack vector. We also re-designed the LAN back in 2011 to break up the giant single broadcast domain down to a subnet per table switch. This has definitely gotten us some flack from the BYOC since it breaks their LAN browsers, but we thought a stable network was more important with how much games have become dependent on stable Internet connectivity. Still trying to find a good way to provide a middle ground for attendees on that one, but I'm sure everyone here would understand how insane a single broadcast domain with 2000+ hosts that aren't under your control is. We have tried to focus on latency on the LAN, however when so many games are no longer LAN oriented Internet connectivity became a dominant issue. At The Gathering we solved this by using ip helper-address for specific game ports and a broadcast forwarder daemon (which has been made publicly available). It sounds really ugly, but it works pretty good, just make sure to rate-limit the broadcast as it can be pretty ugly in the case of a potential loop/broadcast-storm. Some traffic is routed out a separate lower capacity connection to keep saturation issues from impacting it during the event. Squid and nginx do help with caching, and thankfully Steam migrated to a http distribution method and allows for easy caching. 
Some other services make it more difficult, but we try our best. Before Steam changed to http distribution there were a few years they helped in providing a local mirror but that seems to have been discontinued with the migration to http. The cache pushed a little over 4Gbps of traffic at peak at the event. The core IT team which handles the network (L2 and above) is about 9 volunteers. The physical infrastructure is our IP D team, which gets a huge team of volunteers put together in order to get that 13 miles of cable ready between Monday and Wednesday. The event is very volunteer driven, like many LAN parties across the planet. We try to reuse cable from year to year, including loading up the table runs onto a pallet to be used in making new cables out of in future years. Thanks for the write-up, it's always cool to read how others in the LAN-party scene do things! :) -- Harald
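A passive check for the rogue Router Advertisements discussed in this message, for networks whose switches lack RA guard; this is an added example, not code from the thread or from any event's tooling. It parses a raw IPv6 packet, extracts the RA's source, prefixes and RDNSS servers, and compares them with the routers and resolvers the operator actually runs (empty sets on an IPv4-only LAN, so any RA is a finding). The function names, addresses and sample packets are constructed, and the parser assumes no extension headers precede ICMPv6.

```python
"""Audit captured ICMPv6 Router Advertisements against the routers you run."""
import ipaddress
import struct

ICMPV6, RA_TYPE = 58, 134
OPT_PREFIX, OPT_RDNSS = 3, 25


def parse_ra(packet):
    """Return a dict describing the RA in a raw IPv6 packet, or None if not an RA."""
    if len(packet) < 56 or packet[0] >> 4 != 6 or packet[6] != ICMPV6:
        return None
    if packet[40] != RA_TYPE:
        return None
    ra = {
        "src": ipaddress.IPv6Address(packet[8:24]),
        "hop_limit": packet[7],
        "lifetime": struct.unpack_from("!H", packet, 46)[0],
        "prefixes": [],
        "rdnss": [],
    }
    off = 56                                   # 40-byte IPv6 header + 16 fixed RA bytes
    while off + 2 <= len(packet):
        otype, olen = packet[off], packet[off + 1] * 8
        if olen == 0 or off + olen > len(packet):
            break                              # malformed option: stop parsing
        body = packet[off:off + olen]
        if otype == OPT_PREFIX and olen == 32:
            ra["prefixes"].append(
                ipaddress.IPv6Network((body[16:32], body[2]), strict=False))
        elif otype == OPT_RDNSS and olen >= 24:
            ra["rdnss"] += [ipaddress.IPv6Address(body[i:i + 16])
                            for i in range(8, olen - 15, 16)]
        off += olen
    return ra


def audit_ra(packet, allowed_routers=frozenset(), allowed_dns=frozenset()):
    """Return a list of findings; an empty list means the packet matches policy."""
    ra = parse_ra(packet)
    if ra is None:
        return []
    findings = []
    if ra["src"] not in allowed_routers:
        findings.append(f"RA from unauthorised source {ra['src']}")
    if ra["hop_limit"] != 255:
        findings.append("RA hop limit is not 255")
    for dns in ra["rdnss"]:
        if dns not in allowed_dns:
            findings.append(f"unexpected RDNSS server {dns}")
    return findings


def build_ra(src, rdnss=(), prefix=None, lifetime=1800):
    """Build a constructed RA packet for the samples (checksum left as zero)."""
    opts = b""
    if prefix:
        net = ipaddress.IPv6Network(prefix)
        opts += struct.pack("!BBBBII4x", OPT_PREFIX, 4, net.prefixlen, 0xC0,
                            86400, 14400) + net.network_address.packed
    if rdnss:
        opts += struct.pack("!BBHI", OPT_RDNSS, 1 + 2 * len(rdnss), 0, 600)
        opts += b"".join(ipaddress.IPv6Address(a).packed for a in rdnss)
    icmp = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, lifetime, 0, 0) + opts
    header = struct.pack("!IHBB", 6 << 28, len(icmp), ICMPV6, 255)
    return (header + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address("ff02::1").packed + icmp)


# Constructed samples: an RA nobody on the operations team configured, and a
# legitimate one for a network that does run IPv6.
ROGUE = build_ra("fe80::bad", rdnss=["fe80::bad"], prefix="2001:db8:dead::/64")
LEGIT = build_ra("fe80::1", rdnss=["2001:db8::53"], prefix="2001:db8:1::/64")

if __name__ == "__main__":
    for finding in audit_ra(ROGUE):
        print(finding)
```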
Re: Quakecon: Network Operations Center tour
I help with an event that has a pretty decent sized lan party as well. We're not just focused on the lan party, more of a rock concerts - huge arcade - panels - lan party type event. It was a few years ago that a Minecraft griefing team came and attacked the network internally. At the time the BYOC LAN party I think was using 3com switches on the edge. Griefers were doing MAC flooding or something that was causing the switches to fall over. And not just the switch they were connected to it was bringing down many of them. They were doing it in spurts and the people dealing with the network thought the issue was misbehaving equipment for a bit (it seemed foreign at that time that someone from the community would be doing it.) Mind you the people running things (volunteers) are running on little sleep, had no time to build out security appliances let alone watch a bunch of logs. They're pretty smart but you know - you get a bunch of smart people together they all bicker about how to do things their way. In the end, one of the griefers' friends went and told on them, and that's how they were discovered. Badges yanked and banned for life. Most of these cons and events run on surplus hardware. Granted, these days there is more and more higher end stuff being cast away. More and more 10 gig, Juniper, Force10 and other decent equipment coming into play. Getting bandwidth into the events is a pain. Huge venues are meant for large corporate events not lower budget cons and festivals. Venue pricing I believe is 750-1500$ per megabit. 100 megabit = $75,000 for the weekend. One year I remember there being a switch with 8 vlans on it sitting outside the back door with 8 clear modems spread out all blinking away. Geeks get creative. These days, a random family next door gets their business class FiOS paid for the entire year (with a good TV package) in return for a weekend or two a year of it being slammed. But that isn't keeping up with demand. 
I think sponsorship is in our future as far as bandwidth goes. Internally, the hotels charge for any ports. So if you need cross connects between rooms, it's pretty expensive. And it's managed by them so running tagged traffic is a no go and other things. So out comes miles of fiber and rolls of gaffers tape every year. And miles of cat5. The lan party is fairly concentrated, but other departments all have other network needs. HD video streams outbound, voip telephones, ARTNet, etc. It's crazy. But I guess it's a good way to keep skills sharp and learn new things. Also, Steam and others should make a caching server solution similar to what exists in Apple OSX server. - Ethan
Re: Quakecon: Network Operations Center tour
On 3 Aug 2015, at 21:58, Ethan wrote: In the end, one of the griefers friends went and told on them, and that's how they were discovered. Pretty much how it works on the general Internet, too, it seems. ; --- Roland Dobbins rdobb...@arbor.net
Re: Quakecon: Network Operations Center tour
Venue Internet is the bane of events. Crazy expensive. Almost as expensive as a laborer in Chicago to move your box from the truck to your booth. ;-) - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: Ethan telmn...@757.org To: nanog@nanog.org Sent: Monday, August 3, 2015 9:58:35 AM Subject: Re: Quakecon: Network Operations Center tour I help with an event that has a pretty decent sized lan party as well. We're not just focused on the lan party, more of a rock concerts - huge arcade - panels - lan party type event. It was a few years ago that a Minecraft griefing team came and attacked the network internally. At the time the BYOC LAN party I think was using 3com switches on the edge. Griefers were doing MAC flooding or something that was causing the switches to fall over. And not just the switch they were connected to it was bringing down many of them. They were doing it in spurts and the people dealing with the network thought the issue was misbehaving equipment for a bit (it seemed foreign at that time that someone from the community would be doing it.) Mind you the people running things (volunteers) are running on little sleep, had no time to build out security appliances let alone watch a bunch of logs. They're pretty smart but you know - you get a bunch of smart people together they all bicker about how to do things their way. In the end, one of the griefers' friends went and told on them, and that's how they were discovered. Badges yanked and banned for life. Most of these cons and events run on surplus hardware. Granted, these days there is more and more higher end stuff being cast away. More and more 10 gig, Juniper, Force10 and other decent equipment coming into play. Getting bandwidth into the events is a pain. Huge venues are meant for large corporate events not lower budget cons and festivals. Venue pricing I believe is 750-1500$ per megabit. 
100 megabit = $75,000 for the weekend. One year I remember there being a switch with 8 vlans on it sitting outside the back door with 8 clear modems spread out all blinking away. Geeks get creative. These days, a random family next door gets their business class FiOS paid for the entire year (with a good TV package) in return for a weekend or two a year of it being slammed. But that isn't keeping up with demand. I think sponsorship is in our future as far as bandwidth goes. Internally, the hotels charge for any ports. So if you need cross connects between rooms, it's pretty expensive. And it's managed by them so running tagged traffic is a no go and other things. So out comes miles of fiber and rolls of gaffers tape every year. And miles of cat5. The lan party is fairly concentrated, but other departments all have other network needs. HD video streams outbound, voip telephones, ARTNet, etc. It's crazy. But I guess it's a good way to keep skills sharp and learn new things. Also, Steam and others should make a caching server solution similar to what exists in Apple OSX server. - Ethan
RE: [BULK] Verizon exiting California
I ran a few Google searches and came across a trove of complaints against Frontier. Seems they are far worse than GTE/Verizon. On the few occasions I have called for FIOS support, always reached someone knowledgeable and helpful. Not looking forward to the changeover, as the new owners have to pay off debts from their acquisition. That can only be accomplished through rate increases. I see a Verizon tech outside my kitchen window every two to three days as he replaces two nitrogen tanks keeping copper trunks pressurized against water intrusion. matthew black california state university, long beach -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mike Sent: Friday, July 31, 2015 7:33 AM To: nanog@nanog.org Subject: Re: [BULK] Verizon exiting California On 07/31/2015 06:27 AM, Mike Hammett wrote: Can anyone else back that up (or refute it)? I am a CLEC operating in California west, and I collocate with verizon. Yes, Verizon is proposing to sell its wireline assets to Frontier and become effectively an all-wireless carrier. Frontier is going to get a patchwork of ancient switches and poorly maintained outside plant, in rural areas that would require tens of millions of dollars in upgrades for sparsely populated areas it could never turn a profit on. I seriously wonder about the viability of taking on the debt to get those areas and even just maintain them, vz itself has done a very poor job and it presently operates a network where E911 routinely fails along with pots for many, for weeks at a time. And somehow, Verizon has been allowed to skate along without being held to the fire for its mandated utility / carrier of last resort obligations. I worry that Frontier, with all the new added debt obligations, will not be able to swallow this pill. Mike-
Re: GoDaddy : DoS :: Contact
Thanks Mel. The ISP got back to me and has asked me to build a Juniper block list ACL for them so I am doing that now. //Jason From: Mel Beckman m...@beckman.org Date: Sunday, August 2, 2015 at 5:56 PM To: Jason LeBlanc jason.lebl...@infusionsoft.com Cc: NANOG nanog@nanog.org Subject: Re: GoDaddy : DoS :: Contact Blackholing isn't what you want. That will still permit his source IP into your network, and only blackhole replies from your network, so the attack will still consume bandwidth. What you should request is a source IP ACL blocking that address at your upstream's border. BGP is no help in these situations, unless you use a BGP-based DDoS protection service. -mel beckman On Aug 2, 2015, at 5:17 PM, Jason LeBlanc jason.lebl...@infusionsoft.com wrote: Thanks Mel. You are not being difficult, I meant DoS. The network I inherited doesn’t have BGP yet so I have asked our upstream to blackhole it and I emailed abuse; neither have happened yet. I do block it but that’s after it hits our side. //Jason From: Mel Beckman m...@beckman.org Date: Sunday, August 2, 2015 at 4:20 PM To: Jason LeBlanc jason.lebl...@infusionsoft.com Cc: NANOG nanog@nanog.org Subject: Re: GoDaddy : DDoS :: Contact Not to be difficult, but how can it be a DDoS attack if it’s coming from a single IP? Normally you would just block this IP at your borders or ask your upstreams to do so before it consumes your bandwidth. You still want to get GoDaddy to address the problem, of course, but you should do that via their ab...@godaddy.com contact, or their abuse page at https://supportcenter.godaddy.com/AbuseReport/Index (submit via the “malware” button). 
-mel On Aug 2, 2015, at 12:59 PM, Jason LeBlanc jason.lebl...@infusionsoft.com wrote: My company is being DDoS'd by a single IP from a GoDaddy customer. I haven't had success with the ab...@godaddy.com email. Was hoping someone that could help might be watching the list and could contact me off-list. //Jason
Re: [BULK] Verizon exiting California
On Mon, Aug 3, 2015 at 1:09 PM, Matthew Black matthew.bl...@csulb.edu wrote: I ran a few Google searches and came across a trove of complaints against Frontier. Seems they are far worse than GTE/Verizon. On the few occasions I have called for FIOS support, always reached someone knowledgeable and helpful. Not looking forward to the changeover, as the new owners have to pay off debts from their acquisition. That can only be accomplished through rate increases. I see a Verizon tech outside my kitchen window every two to three days as he replaces two nitrogen tanks keeping copper trunks pressurized against water intrusion. though, on the positive side... maybe you'll see ipv6 on frontier fios before the heat death of the universe? (*which is when vz fios folk will see it, apparently).
Re: GoDaddy : DDoS : : Contact
John, What would be the point of spoofing the source IPs to be identical? You're just making the attack trivial to block. Plus you could never do any kind of TCP session attack, since you can't complete a handshake. I would have to call this sort of attack a LAAADDoS (Lame Attempt At A DDoS). :) -mel beckman On Aug 2, 2015, at 10:11 PM, John Levine jo...@iecc.com wrote: DDoS = multiple IPs DoS = single IP It seems most people colloquially use DDoS for both, and reserve DoS for magic-packet blocking exploits like the latest BIND CVE, FYI. Given how easy it still is to put a fake source address in an IP packet, it seems optimistic to assume that just because the packets all have the same return address, they're actually coming from the same place. R's, John
Re: GoDaddy : DDoS : : Contact
On 3 Aug 2015, at 19:40, Mel Beckman wrote: What would be the point of spoofing the source IPs to be identical? You're just making the attack trivial to block. Attackers do strange things all the time. Most endpoint organizations don't have any way to detect/classify DDoS traffic, so they've no idea how to block it. Plus, it can asymmetrically strain load-balanced server instances, links, et al. Most DDoS attacks don't involve TCP and 3-way handshakes. That isn't to say they aren't common, but one oughtn't to assume that having the ability to do so is a prerequisite for an attacker. --- Roland Dobbins rdobb...@arbor.net
Re: GoDaddy : DDoS : : Contact
Hi, What would be the point of spoofing the source IPs to be identical? You're just making the attack trivial to block. Plus you could never do any kind of TCP session attack, since you can't complete a handshake. I would have to call this sort of attack a LAAADDoS (Lame Attempt At A DDoS). :) perhaps spoofing an IP that cannot be blocked as it's one that needs to be allowed for the site IT to operate? some cloud service IP or such ? alan
Re: GoDaddy : DDoS :: Contact
Children! Regards, Dovid -Original Message- From: valdis.kletni...@vt.edu Sender: NANOG nanog-boun...@nanog.org Date: Mon, 03 Aug 2015 00:20:23 To: tqr2813d376cjozqa...@tutanota.com Cc: nanog@nanog.org Subject: Re: GoDaddy : DDoS :: Contact On Mon, 03 Aug 2015 03:58:31 -, tqr2813d376cjozqa...@tutanota.com said: It seems most people colloquially use DDoS for both, and reserve DoS for magic-packet blocking exploits like the latest BIND CVE, FYI. Then they are mistaken, unfortunately. Feel free to try to reclaim the old meaning of the word hacker while you're at it. That ship sailed long ago, and so has the DoS/DDoS distinction.
Re: GoDaddy : DDoS : : Contact
On 08/03/2015 05:40 AM, Mel Beckman wrote: What would be the point of spoofing the source IPs to be identical? You're just making the attack trivial to block. Plus you could never do any kind of TCP session attack, since you can't complete a handshake. I would have to call this sort of attack a LAAADDoS (Lame Attempt At A DDoS).:) Reflection attack as a secondary goal against the spoofed source IP? Primary goal would be a SYN flood of many servers.
Re: GoDaddy : DoS :: Contact
Source based black holing would work in this case providing it was done at GoDaddy's edge. On 3 Aug 2015 01:58, Mel Beckman m...@beckman.org wrote: Blackholing isn't what you want. That will still permit his source IP into your network, and only blackhole replies from your network, so the attack will still consume bandwidth. What you should request is a source IP ACL blocking that address at your upstream's border. BGP is no help in these situations, unless you use a BGP-based DDoS protection service. -mel beckman On Aug 2, 2015, at 5:17 PM, Jason LeBlanc jason.lebl...@infusionsoft.com wrote: Thanks Mel. You are not being difficult, I meant DoS. The network I inherited doesn't have BGP yet so I have asked our upstream to blackhole it and I emailed abuse; neither have happened yet. I do block it but that's after it hits our side. //Jason From: Mel Beckman m...@beckman.org Date: Sunday, August 2, 2015 at 4:20 PM To: Jason LeBlanc jason.lebl...@infusionsoft.com Cc: NANOG nanog@nanog.org Subject: Re: GoDaddy : DDoS :: Contact Not to be difficult, but how can it be a DDoS attack if it's coming from a single IP? Normally you would just block this IP at your borders or ask your upstreams to do so before it consumes your bandwidth. You still want to get GoDaddy to address the problem, of course, but you should do that via their ab...@godaddy.com contact, or their abuse page at https://supportcenter.godaddy.com/AbuseReport/Index (submit via the malware button). -mel On Aug 2, 2015, at 12:59 PM, Jason LeBlanc jason.lebl...@infusionsoft.com wrote: My company is being DDoS'd by a single IP from a GoDaddy customer. I haven't had success with the ab...@godaddy.com email. Was hoping someone that could help might be watching the list and could contact me off-list. //Jason
Re: GoDaddy : DoS :: Contact
On 3 Aug 2015, at 20:28, Mel Beckman wrote: Blackholing works on destination address — it’s a route to null0. https://tools.ietf.org/html/rfc5635 --- Roland Dobbins rdobb...@arbor.net
Re: GoDaddy : DDoS : : Contact
On 3 Aug 2015, at 21:00, Roland Dobbins wrote: due to DDoS exhaustion That should read 'state exhaustion', apologies. --- Roland Dobbins rdobb...@arbor.net
Re: GoDaddy : DoS :: Contact
I don’t see how. Blackholing works on destination address — it’s a route to null0. The source address isn’t considered and thus the traffic will still leave GoDaddy. GoDaddy could, I suppose, implement a policy route based on source address, but that’s really no different than an ACL. And it’s not a blackhole. Anyway, since it's the GoDaddy edge you're talking about, GoDaddy can simply disconnect the customer. -mel On Aug 3, 2015, at 6:20 AM, Alistair Mackenzie magics...@gmail.com wrote: Source based black holing would work in this case providing it was done at GoDaddy's edge. On 3 Aug 2015 01:58, Mel Beckman m...@beckman.org wrote: Blackholing isn't what you want. That will still permit his source IP into your network, and only blackhole replies from your network, so the attack will still consume bandwidth. What you should request is a source IP ACL blocking that address at your upstream's border. BGP is no help in these situations, unless you use a BGP-based DDoS protection service. -mel beckman On Aug 2, 2015, at 5:17 PM, Jason LeBlanc jason.lebl...@infusionsoft.com wrote: Thanks Mel. You are not being difficult, I meant DoS. The network I inherited doesn't have BGP yet so I have asked our upstream to blackhole it and I emailed abuse; neither have happened yet. I do block it but that's after it hits our side. 
//Jason From: Mel Beckman m...@beckman.org Date: Sunday, August 2, 2015 at 4:20 PM To: Jason LeBlanc jason.lebl...@infusionsoft.com Cc: NANOG nanog@nanog.org Subject: Re: GoDaddy : DDoS :: Contact Not to be difficult, but how can it be a DDoS attack if it's coming from a single IP? Normally you would just block this IP at your borders or ask your upstreams to do so before it consumes your bandwidth. You still want to get GoDaddy to address the problem, of course, but you should do that via their ab...@godaddy.com contact, or their abuse page at https://supportcenter.godaddy.com/AbuseReport/Index (submit via the malware button). -mel On Aug 2, 2015, at 12:59 PM, Jason LeBlanc jason.lebl...@infusionsoft.com wrote: My company is being DDoS'd by a single IP from a GoDaddy customer. I haven't had success with the ab...@godaddy.com email. Was hoping someone that could help might be watching the list and could contact me off-list. //Jason
Re: GoDaddy : DDoS : : Contact
But SYN floods are easily detected and deflected by all modern firewalls. If a handshake doesn’t complete within a certain time interval, the SYN is discarded. Many DDOS attacks are full-fledged TCP sessions. The zombies are used to simulate legitimate users, and because they’re coming from thousands of legitimate IP addresses sending what looks like completely normal traffic (e.g. HTTP queries) they are difficult to distinguish from real client systems. There are of course unicast DDOS attacks prosecuted over UDP or ICMP. The majority I’ve seen, however, are TCP. In any event, I think it’s not useful to misuse the term DDoS, and that it refers to any attack where the source addresses are distributed across the Internet, making them difficult to identify and therefore block. -mel On Aug 3, 2015, at 6:00 AM, Stephen Satchell l...@satchell.net wrote: On 08/03/2015 05:40 AM, Mel Beckman wrote: What would be the point of spoofing the source IPs to be identical? You're just making the attack trivial to block. Plus you could never do any kind of TCP session attack, since you can't complete a handshake. I would have to call this sort of attack a LAAADDoS (Lame Attempt At A DDoS).:) Reflection attack as a secondary goal against the spoofed source IP? Primary goal would be a SYN flood of many servers.
Re: DE-CIX vs Equinix
Charles, You mentioned to not use DE-CIX NYC pricing as a benchmark for Dallas, but it looks like DE-CIX has priced their Dallas ports, according to their website, at the same prices as NYC: https://www.de-cix.net/products-services/pricing/#c2374

Port     Speed/Gbps   MRC
1GE      1            US$ 575
10GE     10           US$ 1,250
100GE    100          On request

Pricing table effective from 1 August 2015. There is a special offer: *Join us now and get your 1GE or 10GE port free of charge for*
- *6 months* (minimum contract term of 12 months) or
- *12 months* (minimum contract term of 36 months).

https://www.de-cix.net/products-services/pricing/#c2374 So it seems that their 10G port price, after promo, is $1250, and it does not mention cross connect would be included. Compare this to Equinix's 10G port with a cross connect included at $1000 per month. Considering Equinix's cross connects are usually $350 per month, this means Equinix's actual 10G port really costs $650 per month. So, I will ask the question again, why are providers going to jump and use DE-CIX over Equinix's peering exchange? I am failing to see the benefit. I thought it would be price, but apparently not. On Wed, Jul 22, 2015 at 9:25 AM, Charles Gucker cguc...@onesc.net wrote: On Wed, Jul 22, 2015 at 9:48 AM, Colton Conor colton.co...@gmail.com wrote: What are the main difference between these two peering companies, exchanges, and overall operating model? The market in question would be Dallas Texas where Equinix already has the only established peering exchange with over 100 members, and DE-CIX just announced today that that would also be building one in Dallas. It will take time for DE-CIX to establish their exchange in Dallas and get members, but the better question is why would people switch? In short, Equinix is by far and large a data center operator and the Internet exchange is an add-on service only available within their data center locations. DE-CIX is an exchange point operator who operates in multiple disparate data center locations. 
For a 10G port with a cross connect to the exchange included Equinix charges $1000 per month. According to DE-CIX it looks like they charge $1250 per month for a 10G port in NYC, so I asusme the same would be true in Dallas. https://nyc.de-cix.net/products-services/pricing/ I would not use DE-CIX NYC pricing as a benchmark.As DE-CIX learned, NYC is a very difficult market to get connectivity and to build an exchange in.As such their operating costs are a lot higher than in other markets and I don't believe it would be a good assumption to use NYC based pricing in Dallas.But keep in mind, DE-CIX likes to distribute their network access nodes to get a larger audience than within ones own facility. Also, I would suggest looking at the big picture and the cost of colocation services in a facility other than Equinix to level the playing field. Looks like DE-CIX will offer a promo to entice new members to join, and their exchange will be in the carrier neatural meet me room operated by the infomart that will have little to no cross connect fees. Why would people pay more to connect to an exchange with less members? What is the european exchange that is a non-profit and basically only covers the cost of operating the exchange? As stated above, when looking at the big picture, it may or may not be more expensive when all of your other services are considered. It should be said that I don't have any axe to grind and think very highly of Equinix.But with respect to Dallas, I would suggest looking at bigger picture and see if your assumptions still hold true. charles
Re: GoDaddy : DoS :: Contact
On 3 Aug 2015, at 20:46, Mel Beckman wrote: 1. From the RFC itself, you by definition sacrifice the victim's address: 3.1. ...While this does complete the attack in that the target address(es) are made unreachable, collateral damage is minimized. It may also be possible to move the host or service on the target IP address(es) to another address and keep the service up, for example, by updating associated DNS resource records. This is incorrect. I've used S/RTBH for the last 15 years or so to mitigate attacks. One absolutely does *not* 'sacrifice the victim's IP address'. The section you're quoting is describing D/RTBH, by way of explaining its deficiencies. It would probably be a good idea to read the RFC in its entirety. S/RTBH is described in Section 4 - e.g., the very next section. 2. No ISP I know of supports it (e.g., via BGP communities) As noted in my previous message in this thread, one applies this on one's own transit-/peering-edge router. While it won't prevent said link from being saturated, it keeps traffic from the blackholed source off one's own core, and off the targeted IP(s), which is of operational utility. --- Roland Dobbins rdobb...@arbor.net
Re: DE-CIX vs Equinix
Usually on a distributed exchange, everyone on the same fabric is available at the same standard price. Local datacenter or the furthest datacenter, same price. Look at what happened in NYC. I'd expect something similar in Dallas, though I have no inside information behind that. https://nyc.de-cix.net/news/news-archive/ - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: Colton Conor colton.co...@gmail.com To: Mike Hammett na...@ics-il.net Cc: NANOG nanog@nanog.org Sent: Monday, August 3, 2015 8:50:26 AM Subject: Re: DE-CIX vs Equinix Does DE-CIX usually go to market with at least some of the big content providers already on board? For example, will guys like Netflix, Google, and other CDN's more than likely be on the exchange starting day 1? How does DE-CIX work if you want to cross connect over the exchange to another provider in a different on-net datacenter of the exchange in the same metro market? On Mon, Aug 3, 2015 at 8:44 AM, Mike Hammett na...@ics-il.net wrote: I'd expect that eventually DE-CIX will build into every Dallas datacenter as they have done in New York and Germany whereas Equinix is only available... in Equinix. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: Colton Conor colton.co...@gmail.com To: Charles Gucker cguc...@onesc.net Cc: NANOG nanog@nanog.org Sent: Monday, August 3, 2015 8:36:20 AM Subject: Re: DE-CIX vs Equinix Charles, You mentioned to not use DE-CIX NYC pricing as a benchmark for Dallas, but it looks like DE-CIX has priced their Dallas ports, according to their website, at the same prices as NYC: https://www.de-cix.net/products-services/pricing/#c2374

Port | Speed/Gbps | MRC
1GE | 1 | US$ 575
10GE | 10 | US$ 1,250
100GE | 100 | On request

Pricing table effective from 1 August 2015.
There is a special offer: *Join us now and get your 1GE or 10GE port free of charge for* - *6 months* (minimum contract term of 12 months) or - *12 months* (minimum contract term of 36 months). https://www.de-cix.net/products-services/pricing/#c2374 So it seems that their 10G port price, after promo, is $1250, and it does not mention cross connect would be included. Compare this to Equinix's 10G port with a cross connect included at $1000 per month. Considering Equinix's cross connects are usually $350 per month, this means Equinix's actual 10G port really cost $650 per month. So, I will ask the question again, why are providers going to jump and use DE-CIX over Equinix's peering exchange? I am failing to see the benefit. I thought it would be price, but apparently not. On Wed, Jul 22, 2015 at 9:25 AM, Charles Gucker cguc...@onesc.net wrote: On Wed, Jul 22, 2015 at 9:48 AM, Colton Conor colton.co...@gmail.com wrote: What are the main differences between these two peering companies, exchanges, and overall operating model? The market in question would be Dallas Texas where Equinix already has the only established peering exchange with over 100 members, and DE-CIX just announced today that they would also be building one in Dallas. It will take time for DE-CIX to establish their exchange in Dallas and get members, but the better question is why would people switch? In short, Equinix is by far and large a data center operator and the Internet exchange is an add-on service only available within their data center locations. DE-CIX is an exchange point operator who operates in multiple disparate data center locations. For a 10G port with a cross connect to the exchange included Equinix charges $1000 per month. According to DE-CIX it looks like they charge $1250 per month for a 10G port in NYC, so I assume the same would be true in Dallas. https://nyc.de-cix.net/products-services/pricing/ I would not use DE-CIX NYC pricing as a benchmark.
As DE-CIX learned, NYC is a very difficult market to get connectivity and to build an exchange in. As such their operating costs are a lot higher than in other markets and I don't believe it would be a good assumption to use NYC based pricing in Dallas. But keep in mind, DE-CIX likes to distribute their network access nodes to get a larger audience than within one's own facility. Also, I would suggest looking at the big picture and the cost of colocation services in a facility other than Equinix to level the playing field. Looks like DE-CIX will offer a promo to entice new members to join, and their exchange will be in the carrier neutral meet me room operated by the infomart that will have little to no cross connect fees. Why would people pay more to connect to an exchange with less members? What is the European exchange that is a non-profit and basically only
Re: GoDaddy : DDoS : : Contact
On 08/03/2015 07:04 AM, Roland Dobbins wrote: On 3 Aug 2015, at 21:00, Roland Dobbins wrote: due to DDoS exhaustion That should read '[TCP] state exhaustion', apologies. And any half-awake server operator would have turned on SYNCOOKIES a long time ago.
Re: GoDaddy : DoS :: Contact
On 3 Aug 2015, at 7:56, Mel Beckman wrote: BGP is no help in these situations, unless you use a BGP-based DDoS protection service. Anyone can set up S/RTBH on their transit-/peering-edge routers, even if they aren't using BGP for routing. Likewise flowspec, on routers which support it. If attack volume is high, it still may flood the link, but keeping the traffic off one's own core and off the actual target(s) of the attack are still very worthwhile. --- Roland Dobbins rdobb...@arbor.net
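The D/RTBH versus S/RTBH behaviour argued over in this thread (RFC 5635), as an added example that is not part of any poster's message: a toy Python model of one transit-/peering-edge router showing which packets each technique drops. The addresses (documentation ranges), the next-hop names and the assumption that the default route satisfies the loose uRPF check are all constructed for illustration.

```python
import ipaddress

DISCARD = "discard"  # next hop that resolves to the null/discard interface

# Constructed sample hosts, taken from the documentation address ranges.
VICTIM, ATTACKER, CLIENT = "192.0.2.10", "198.51.100.7", "203.0.113.25"


class EdgeRouter:
    """Toy edge router: a route table plus optional loose-mode uRPF."""

    def __init__(self, loose_urpf=False):
        self.loose_urpf = loose_urpf
        self.routes = []  # (network, next_hop) pairs

    def add_route(self, prefix, next_hop):
        self.routes.append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, addr):
        """Longest-prefix match; returns the next hop, or None if no route."""
        ip = ipaddress.ip_address(addr)
        matches = [(net, nh) for net, nh in self.routes if ip in net]
        if not matches:
            return None
        return max(matches, key=lambda m: m[0].prefixlen)[1]

    def forward(self, src, dst):
        # Loose uRPF: the source must resolve to a usable next hop on any
        # interface. A source whose best route is the discard fails the check.
        if self.loose_urpf and self.lookup(src) in (None, DISCARD):
            return "drop-src"
        next_hop = self.lookup(dst)
        if next_hop is None:
            return "drop-noroute"
        if next_hop == DISCARD:
            return "drop-dst"
        return "forward"


def build_edge(loose_urpf):
    edge = EdgeRouter(loose_urpf=loose_urpf)
    # Assumption: the default route is allowed to satisfy the loose check.
    edge.add_route("0.0.0.0/0", "transit")
    edge.add_route("192.0.2.0/24", "core")  # constructed internal prefix
    return edge


def announce_blackhole(edges, host):
    """Stand-in for the trigger router announcing a host route whose next
    hop resolves to the discard interface on every edge router."""
    for edge in edges:
        edge.add_route(f"{host}/32", DISCARD)


def probe(edge):
    return {"attacker": edge.forward(ATTACKER, VICTIM),
            "client": edge.forward(CLIENT, VICTIM)}


def compare():
    results = {"none": probe(build_edge(False))}
    d_edge = build_edge(False)          # D/RTBH: blackhole the target
    announce_blackhole([d_edge], VICTIM)
    results["d_rtbh"] = probe(d_edge)
    s_edge = build_edge(True)           # S/RTBH: blackhole the source + uRPF
    announce_blackhole([s_edge], ATTACKER)
    results["s_rtbh"] = probe(s_edge)
    n_edge = build_edge(False)          # same source route, uRPF not enabled
    announce_blackhole([n_edge], ATTACKER)
    results["src_route_no_urpf"] = probe(n_edge)
    return results


if __name__ == "__main__":
    for name, outcome in compare().items():
        print(f"{name:18} {outcome}")
```

In every case the drop happens on the edge router, after the packet has already crossed the transit link, so the link can still fill while the core and the target are spared.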
Re: DE-CIX vs Equinix
I'd expect that eventually DE-CIX will build into every Dallas datacenter as they have done in New York and Germany whereas Equinix is only available... in Equinix. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: Colton Conor colton.co...@gmail.com To: Charles Gucker cguc...@onesc.net Cc: NANOG nanog@nanog.org Sent: Monday, August 3, 2015 8:36:20 AM Subject: Re: DE-CIX vs Equinix Charles, You mentioned to not use DE-CIX NYC pricing as a benchmark for Dallas, but it looks like DE-CIX has priced their Dallas ports, according to their website, at the same prices as NYC: https://www.de-cix.net/products-services/pricing/#c2374

Port | Speed/Gbps | MRC
1GE | 1 | US$ 575
10GE | 10 | US$ 1,250
100GE | 100 | On request

Pricing table effective from 1 August 2015. There is a special offer: *Join us now and get your 1GE or 10GE port free of charge for* - *6 months* (minimum contract term of 12 months) or - *12 months* (minimum contract term of 36 months). https://www.de-cix.net/products-services/pricing/#c2374 So it seems that their 10G port price, after promo, is $1250, and it does not mention cross connect would be included. Compare this to Equinix's 10G port with a cross connect included at $1000 per month. Considering Equinix's cross connects are usually $350 per month, this means Equinix's actual 10G port really cost $650 per month. So, I will ask the question again, why are providers going to jump and use DE-CIX over Equinix's peering exchange? I am failing to see the benefit. I thought it would be price, but apparently not. On Wed, Jul 22, 2015 at 9:25 AM, Charles Gucker cguc...@onesc.net wrote: On Wed, Jul 22, 2015 at 9:48 AM, Colton Conor colton.co...@gmail.com wrote: What are the main differences between these two peering companies, exchanges, and overall operating model?
The market in question would be Dallas Texas where Equinix already has the only established peering exchange with over 100 members, and DE-CIX just announced today that they would also be building one in Dallas. It will take time for DE-CIX to establish their exchange in Dallas and get members, but the better question is why would people switch? In short, Equinix is by far and large a data center operator and the Internet exchange is an add-on service only available within their data center locations. DE-CIX is an exchange point operator who operates in multiple disparate data center locations. For a 10G port with a cross connect to the exchange included Equinix charges $1000 per month. According to DE-CIX it looks like they charge $1250 per month for a 10G port in NYC, so I assume the same would be true in Dallas. https://nyc.de-cix.net/products-services/pricing/ I would not use DE-CIX NYC pricing as a benchmark. As DE-CIX learned, NYC is a very difficult market to get connectivity and to build an exchange in. As such their operating costs are a lot higher than in other markets and I don't believe it would be a good assumption to use NYC based pricing in Dallas. But keep in mind, DE-CIX likes to distribute their network access nodes to get a larger audience than within one's own facility. Also, I would suggest looking at the big picture and the cost of colocation services in a facility other than Equinix to level the playing field. Looks like DE-CIX will offer a promo to entice new members to join, and their exchange will be in the carrier neutral meet me room operated by the infomart that will have little to no cross connect fees. Why would people pay more to connect to an exchange with less members? What is the European exchange that is a non-profit and basically only covers the cost of operating the exchange? As stated above, when looking at the big picture, it may or may not be more expensive when all of your other services are considered.
It should be said that I don't have any axe to grind and think very highly of Equinix. But with respect to Dallas, I would suggest looking at the bigger picture and see if your assumptions still hold true. charles
Re: GoDaddy : DoS :: Contact
There are two problems with Source-Based Remote Triggered Black Hole (S/RTBH): 1. From the RFC itself, you by definition sacrifice the victim's address: 3.1. ...While this does complete the attack in that the target address(es) are made unreachable, collateral damage is minimized. It may also be possible to move the host or service on the target IP address(es) to another address and keep the service up, for example, by updating associated DNS resource records. 2. No ISP I know of supports it (e.g., via BGP communities) -mel On Aug 3, 2015, at 6:31 AM, Roland Dobbins rdobb...@arbor.net wrote: On 3 Aug 2015, at 20:28, Mel Beckman wrote: Blackholing works on destination address — it’s a route to null0. https://tools.ietf.org/html/rfc5635 --- Roland Dobbins rdobb...@arbor.net
Re: DE-CIX vs Equinix
Does DE-CIX usually go to market with at least some of the big content providers already on board? For example, will guys like Netflix, Google, and other CDN's more than likely be on the exchange starting day 1? How does DE-CIX work if you want to cross connect over the exchange to another provider in a different on-net datacenter of the exchange in the same metro market? On Mon, Aug 3, 2015 at 8:44 AM, Mike Hammett na...@ics-il.net wrote: I'd expect that eventually DE-CIX will build into every Dallas datacenter as they have done in New York and Germany whereas Equinix is only available... in Equinix. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: Colton Conor colton.co...@gmail.com To: Charles Gucker cguc...@onesc.net Cc: NANOG nanog@nanog.org Sent: Monday, August 3, 2015 8:36:20 AM Subject: Re: DE-CIX vs Equinix Charles, You mentioned to not use DE-CIX NYC pricing as a benchmark for Dallas, but it looks like DE-CIX has priced their Dallas ports, according to their website, at the same prices as NYC: https://www.de-cix.net/products-services/pricing/#c2374

Port | Speed/Gbps | MRC
1GE | 1 | US$ 575
10GE | 10 | US$ 1,250
100GE | 100 | On request

Pricing table effective from 1 August 2015. There is a special offer: *Join us now and get your 1GE or 10GE port free of charge for* - *6 months* (minimum contract term of 12 months) or - *12 months* (minimum contract term of 36 months). https://www.de-cix.net/products-services/pricing/#c2374 So it seems that their 10G port price, after promo, is $1250, and it does not mention cross connect would be included. Compare this to Equinix's 10G port with a cross connect included at $1000 per month. Considering Equinix's cross connects are usually $350 per month, this means Equinix's actual 10G port really cost $650 per month. So, I will ask the question again, why are providers going to jump and use DE-CIX over Equinix's peering exchange?
I am failing to see the benefit. I thought it would be price, but apparently not. On Wed, Jul 22, 2015 at 9:25 AM, Charles Gucker cguc...@onesc.net wrote: On Wed, Jul 22, 2015 at 9:48 AM, Colton Conor colton.co...@gmail.com wrote: What are the main differences between these two peering companies, exchanges, and overall operating model? The market in question would be Dallas Texas where Equinix already has the only established peering exchange with over 100 members, and DE-CIX just announced today that they would also be building one in Dallas. It will take time for DE-CIX to establish their exchange in Dallas and get members, but the better question is why would people switch? In short, Equinix is by far and large a data center operator and the Internet exchange is an add-on service only available within their data center locations. DE-CIX is an exchange point operator who operates in multiple disparate data center locations. For a 10G port with a cross connect to the exchange included Equinix charges $1000 per month. According to DE-CIX it looks like they charge $1250 per month for a 10G port in NYC, so I assume the same would be true in Dallas. https://nyc.de-cix.net/products-services/pricing/ I would not use DE-CIX NYC pricing as a benchmark. As DE-CIX learned, NYC is a very difficult market to get connectivity and to build an exchange in. As such their operating costs are a lot higher than in other markets and I don't believe it would be a good assumption to use NYC based pricing in Dallas. But keep in mind, DE-CIX likes to distribute their network access nodes to get a larger audience than within one's own facility. Also, I would suggest looking at the big picture and the cost of colocation services in a facility other than Equinix to level the playing field. Looks like DE-CIX will offer a promo to entice new members to join, and their exchange will be in the carrier neutral meet me room operated by the infomart that will have little to no cross connect fees.
Why would people pay more to connect to an exchange with less members? What is the European exchange that is a non-profit and basically only covers the cost of operating the exchange? As stated above, when looking at the big picture, it may or may not be more expensive when all of your other services are considered. It should be said that I don't have any axe to grind and think very highly of Equinix. But with respect to Dallas, I would suggest looking at the bigger picture and see if your assumptions still hold true. charles
Re: GoDaddy : DDoS : : Contact
On 3 Aug 2015, at 20:35, Mel Beckman wrote: But SYN floods are easily detected and deflected by all modern firewalls. If a handshake doesn’t complete within a certain time interval, the SYN is discarded. This is incorrect. I've seen a 20gb/sec stateful firewall taken down by a 3mb/sec spoofed SYN-flood due to DDoS exhaustion. I've seen a 10gb/sec load-balancer taken down by 60s of 6kpps of HOIC: https://app.box.com/s/a3oqqlgwe15j8svojvzl The majority I’ve seen, however, are TCP. https://en.wikipedia.org/wiki/Hasty_generalization In any event, I think it’s not useful to misuse the term DDoS, and that it refers to any attack where the source addresses are distributed across the Internet, making them difficult to identify and therefore block. Again, that ship sailed long ago. --- Roland Dobbins rdobb...@arbor.net
Re: Quakecon: Network Operations Center tour
hi ethan On 08/03/15 at 10:58am, Ethan wrote: Getting bandwidth into the events is a pain. Huge venues are meant for large corporate events not lower budget cons and festivals. Venue pricing I believe is 750-1500$ per megabit. 100 megabit = $75,000 for the weekend. One year I remember there being a switch with 8 vlans on it sitting outside the back door with 8 clear modems spread out all blinking away. for connectivity, does the hotels and convention centers still have wifi jammers so you cannot use your own 56Mbit wifi to get connection to the outside world ? if possible, stick a bunch of dark mirrored-glass covered vans outside the event for wifi access the expensive part is due to labor unions that control the workers and everything else working the capitalistic supply and demand model to the max. the unions disallow you to carry your own gear from your car to the event which is good and bad ... i don't buy their $10 budweiser, $5 water, etc especially when no outside drinks allowed inside the event Geeks get creative. good thing and no unions to control what we did/do ... another ( 40yr old ) boat that has long since sailed since the days of why we had to fight off the unions in the electronics industry ... pixie dust alvin
Re: Quakecon: Network Operations Center tour
On Mon, Aug 03, 2015 at 01:52:17PM -0700, alvin nanog wrote: hi ethan On 08/03/15 at 10:58am, Ethan wrote: Getting bandwidth into the events is a pain. Huge venues are meant for large corporate events not lower budget cons and festivals. Venue pricing I believe is 750-1500$ per megabit. 100 megabit = $75,000 for the weekend. One year I remember there being a switch with 8 vlans on it sitting outside the back door with 8 clear modems spread out all blinking away. for connectivity, does the hotels and convention centers still have wifi jammers so you cannot use your own 56Mbit wifi to get connection to the outside world ? if possible, stick a bunch of dark mirrored-glass covered vans outside the event for wifi access In the US, the FCC has ruled that wifi jammers violate one or more parts of the FCC Rules and Regs. Marriott hotels paid a USD600K fine. A quick Google search on FCC hotel jammer pulls up a great many hits, of which these are the first seven: Jammer Enforcement | FCC.gov https://www.fcc.gov/.../jamme... U.S. Federal Communications Commission Federal law prohibits the operation, marketing, or sale of any type of jamming equipment, including devices that interfere with cellular and Personal ... Marriott to Pay $600K to Resolve WiFi-Blocking ... - FCC https://www.fcc.gov/.../marrio... U.S. Federal Communications Commission Oct 3, 2014 - Hotel Operator Admits Employees Improperly Used Wi-Fi Monitoring ... The complainant alleged that the Gaylord Opryland was “jamming ... WARNING: Wi-Fi Blocking is Prohibited | FCC.gov https://www.fcc.gov/.../warnin... U.S. Federal Communications Commission Jan 27, 2015 - which hotels and other commercial establishments block wireless ... into this kind of unlawful activity by the operator of a resort hotel and ... FCC warns hotels against blocking guests' wi-fi www.consumeraffairs.com/.../fcc-warns-hotels-against-blocking-guests-...
Jan 28, 2015 - Hotels, miffed by guests who used their own wi-fi hotspots instead of paying ... It's illegal to jam legal radio transmissions of any kind, FCC vows tough enforcement ... Some had argued that jamming wi-fi and cellphone calls is ... Hotels ask FCC for permission to block guests' personal Wi ... www.pcworld.com/.../hotel-group-asks-fcc-for-permission-to-... PC World Dec 22, 2014 - Marriott argued some hotspot blocking may be justified, as long as the hotel isn't using illegal signal jammers. Unlicensed Wi-Fi hotspots ... FCC fines Marriott $600,000 for blocking guests' Wi-Fi ... www.cnn.com/2014/10/03/travel/marriott-fcc-wi-fi-fine/ CNN Oct 4, 2014 - It's the first time the FCC has investigated a hotel property for ... sense, where someone uses a jammer device to block wireless signals. Instead ... How This Hotel Made Sure Your Wi-Fi Hotspot Sucked ... readwrite.com/2014/.../marriott-nashville-opryland-jams-wifi-internet-wt... Oct 4, 2014 - Caught by FCC for Wi-Fi jamming, Marriott's still not sorry. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: Quakecon: Network Operations Center tour
On 4 Aug 2015, at 4:03, mikea wrote: In the US, the FCC has ruled that wifi jammers violate one or more parts of the FCC Rules and Regs. I travel quite a bit worldwide, and I've never run into this. I run my portable AP on 5GHz, FWIW. --- Roland Dobbins rdobb...@arbor.net