- Original Message -
> From: "Mike Hammett"
> I think you'd be hard pressed to find more than a tenth of a percent of people
> attempt to run their own DNS server. Some do because they think it'll be
> better
> in some way. Rare is the occasion where anything user
--- jason_living...@comcast.com wrote:
As noted last week we're ...
Thank you for sharing this and all the other stuff over
the years with the NANOG community.
scott
As a followup to this issue, and looking specifically at SSDP abuse (not the
DNS amplification noted in the 1st email), one point of commonality we have
identified in many customers is a D-Link device (range of different models). If
you or someone you know uses a D-Link device, please see this
Sent: Saturday, February 27, 2016 7:07:04 AM
Subject: Re: Thank you, Comcast.
On Fri, Feb 26, 2016 at 07:21:04PM -0600, Mike Hammett wrote:
> So we have people saying that blocking residential users from hosting
> DNS servers is not really providing Internet service. Now we have peo
On Fri, Feb 26, 2016 at 07:21:04PM -0600, Mike Hammett wrote:
> So we have people saying that blocking residential users from hosting
> DNS servers is not really providing Internet service. Now we have people
> saying it isn't service if it doesn't (more or less) completely work
> in lynx.
uot;NANOG list" <nanog@nanog.org>
> Sent: Friday, February 26, 2016 6:59:28 PM
> Subject: RE: Thank you, Comcast.
>
>
> The default configuration of IE (all versions), Firefox (all versions),
> Edge (all versions) and Chrome (all versions) is a zero-security
> configu
-il.com
Midwest-IX
http://www.midwest-ix.com
- Original Message -
From: "Keith Medcalf" <kmedc...@dessus.com>
To: "NANOG list" <nanog@nanog.org>
Sent: Friday, February 26, 2016 6:59:28 PM
Subject: RE: Thank you, Comcast.
The default configuration of
On 27 Feb 2016, at 8:06, Keith Medcalf wrote:
Consumer Narrowband Access Networks use these protocols all the time.
Most broadband access customers do not actively use these protocols,
themselves, with the partial exception of SIP.
---
Roland Dobbins
oun...@nanog.org] On Behalf Of Roland Dobbins
> Sent: Friday, 26 February, 2016 10:55
> To: NANOG list
> Subject: Re: Thank you, Comcast.
>
> On 26 Feb 2016, at 22:52, Jay Nugent wrote:
>
> >Customers regularly use various VPN protocols from GRE, SIT, and
> > IPIP, mon
On 27 Feb 2016, at 7:59, John Levine wrote:
I think that most if not all of the consumer over the top VoIP phones
like Vonage use SIP.
That's true. One would hope that they're not globally reachable,
however.
---
Roland Dobbins
>True, but how prevalent are 'bare' SIP phones vs. VoIP systems utilized
>by remote workers via VPNs?
Dunno, but I have two of them. I think that most if not all of the
consumer over the top VoIP phones like Vonage use SIP.
R's,
John
; From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mike Hammett
> Sent: Friday, February 26, 2016 10:01 AM
> To: NANOG list
> Subject: Re: Thank you, Comcast.
>
> Works fine on a default Chrome installation. *shrugs*
>
>
>
>
> -
> Mike Hammett
&
On 27 Feb 2016, at 7:23, John Levine wrote:
The VoIP phones sure use SIP.
True, but how prevalent are 'bare' SIP phones vs. VoIP systems utilized
by remote workers via VPNs?
---
Roland Dobbins
>> A certain number of us work from home and connect to headquarters with
>> a VPN. and have SIP phones, you know.
>
>Not typically via/requiring the protocols you mentioned.
The VoIP phones sure use SIP.
R's,
John
On 27 Feb 2016, at 4:03, John Levine wrote:
A certain number of us work from home and connect to headquarters with
a VPN. and have SIP phones, you know.
Not typically via/requiring the protocols you mentioned.
---
Roland Dobbins
On 2/26/16 1:08 PM, Rich Kulawiec wrote:
On Fri, Feb 26, 2016 at 10:16:33AM -0700, Brielle Bruns wrote:
You can't do anything about idiots buying a pro-sumer/professional
device like an EdgeRouter and misconfiguring it, but Linksys/Cisco,
D-Link, Netgear, etc that are targeted towards home
>The difference in blocking any of the existing ports on your list and
>blocking UDP/1900 is that the ports on your list are all registered
>ports. Port 1900 is not registered -
IANA is under the impression it's registered for SSDP. Do you have
some reason to believe they're mistaken?
>>Customers regularly use various VPN protocols from GRE, SIT, and
>> IPIP, monitoring protocols such as SNMP, as well as RTP and SIP (where
>> we spend the bulk of our time troubleshooting).
>
>Not so on consumer broadband access networks, which are what's being
>discussed in this thread.
11:47:43
To: Dovid B<do...@telecurve.com>
Cc: Jared Mauch<ja...@puck.nether.net>; Jason
Livingood<jason_living...@cable.comcast.com>; Mody,
Nirmal<nirmal_m...@cable.comcast.com>; NANOG list<nanog@nanog.org>
Subject: Re: Thank you, Comcast.
"We all know...&
On Fri, Feb 26, 2016 at 10:16:33AM -0700, Brielle Bruns wrote:
> You can't do anything about idiots buying a pro-sumer/professional
> device like an EdgeRouter and misconfiguring it, but Linksys/Cisco,
> D-Link, Netgear, etc that are targeted towards home users should be
> held to the fire for
Blake Hudson wrote on 2/26/2016 2:01 PM:
Livingood, Jason wrote on 2/26/2016 1:32 PM:
On 2/26/16, 11:44 AM, "Blake Hudson" > wrote:
Jason, how do you propose to block SSDP without also blocking
legitimate traffic as well (since SSDP uses a port
Livingood, Jason wrote on 2/26/2016 1:32 PM:
On 2/26/16, 11:44 AM, "Blake Hudson" > wrote:
Jason, how do you propose to block SSDP without also blocking
legitimate traffic as well (since SSDP uses a port > 1024 and is
used as part of the
2016 08:02:52
> To: Jared Mauch<ja...@puck.nether.net>; Jason Livingood<
> jason_living...@cable.comcast.com>; Mody, Nirmal<
> nirmal_m...@cable.comcast.com>
> Reply-To: Damian Menscher <dam...@google.com>
> Cc: NANOG list<nanog@nanog.org>
> Subject: Re: Tha
> On Feb 26, 2016, at 2:28 PM, Livingood, Jason
> wrote:
>
> I think the bigger culprit is not the stuff ISPs buy but what consumers
> buy (aka COAM).
I’m certainly not a comcast apologist, (I do wish they would service the
communities where they had their call
On 2/26/16, 11:44 AM, "Blake Hudson" >
wrote:
Jason, how do you propose to block SSDP without also blocking legitimate
traffic as well (since SSDP uses a port > 1024 and is used as part of the
ephemeral port range on some devices) ?
As Roland suggested,
On 2/26/16, 12:33 PM, "NANOG on behalf of Octavio Alvarez"
wrote:
>On 26/02/16 09:16, Brielle Bruns wrote:
>> Place the blame for local resolvers listening on WAN squarely where it
>>belongs - the router vendors who make these
On 2/26/16 10:22 AM, Mike Hammett wrote:
Said in a forum comprised largely of ISPs? Bold move.
I appreciate the work the technical people here do, but doesn't change
the fact that the people who call the shots aren't always on the same
page or have the same goals as do the technical people.
On Fri, 26 Feb 2016 07:20:28 +0100 (CET)
Mikael Abrahamsson wrote:
> I know historically there were resolvers that used UDP/53 as source
> port for queries, but is this the case nowadays?
Empirically from what I've observed, much less than there once was.
Looking at a sample
, 26 Feb 2016 10:16:33
To: <nanog@nanog.org>
Subject: Re: Thank you, Comcast.
On 2/26/16 10:02 AM, Chris Adams wrote:
>>
>> Except that half the time people run their own DNS resolvers because
>> their provider's resolvers are
>
> Resolver != authoritative server. Your
Disconnecting the US isn’t a viable solution.
> On Feb 26, 2016, at 1:48 PM, Dovid Bender wrote:
>
> We all know what countries this traffic is coming from. While you can
> threaten the local ISP's the ones over seas where the traffic is coming from
> won't care.
On Fri, 26 Feb 2016 10:52:55 -0500, Jay Nugent said:
> However, if a 'provider' wishes to block ANYTHING, then they need to
> inform the customer IN WRITING exactly what will be blocked so that
> customer doesn't waste their time and money with said (limited) service
> and vote with their
g-boun...@nanog.org>Date: Fri, 26 Feb 2016 08:02:52
To: Jared Mauch<ja...@puck.nether.net>; Jason
Livingood<jason_living...@cable.comcast.com>; Mody,
Nirmal<nirmal_m...@cable.comcast.com>
Reply-To: Damian Menscher <dam...@google.com>
Cc: NANOG list<nanog@nanog.org&
On Fri, Feb 26, 2016 at 12:17:32PM -0500, Rich Kulawiec wrote:
> On Fri, Feb 26, 2016 at 08:55:20AM -0700, Keith Medcalf wrote:
> > On Friday, 26 February, 2016 08:13, jason_living...@comcast.com said:
> > > http://customer.xfinity.com/help-and-support/internet/list-of-blocked-
> > > ports/
> >
>
> On Feb 26, 2016, at 12:42 PM, John Levine wrote:
>
> Huh. Is it 1998 again?
More like NANOG again.
- jared
On 26 Feb 2016, at 22:52, Jay Nugent wrote:
Customers regularly use various VPN protocols from GRE, SIT, and
IPIP, monitoring protocols such as SNMP, as well as RTP and SIP (where
we spend the bulk of our time troubleshooting).
Not so on consumer broadband access networks, which are
On 27 Feb 2016, at 0:25, Anthony Junk wrote:
There is so much arrogance in these posts saying that these things
should be blocked because it's best or because it's negligible.
I think there's a lack of comprehension on the part of those who don't
run large networks and/or who aren't
In article you write:
>ISP's should block nothing, to or from the customer, unless they make it clear
>*before* selling the service (and include it in the Terms and
>Conditions of Service Contract), that they are not selling an Internet
Once upon a time, Brielle Bruns said:
> UDP is a fun protocol - stateless, so blocking a DST of 53/UDP to
> the customer also will block responses to recursive queries that
> originate from SRC 53/UDP. Connection tracking sorta makes it
> stateful to a point, but it can get ugly
On 26/02/16 09:16, Brielle Bruns wrote:
> Place the blame for local resolvers listening on WAN squarely where it
> belongs - the router vendors who make these devices.
As long as ISPs massively buy crappy hardware pieces, vendors will make
them and sell them. That's how it works.
Best regards.
On 27 Feb 2016, at 0:16, Brielle Bruns wrote:
You can't do anything about idiots buying a pro-sumer/professional
device like an EdgeRouter and misconfiguring it, but Linksys/Cisco,
D-Link, Netgear, etc that are targeted towards home users should be
held to the fire for that kind of screw up.
016 07:19
To: Mikael Abrahamsson
Cc: NANOG list
Subject: Re: Thank you, Comcast.
I agree,
At the very least things like SNMP/NTP should be blocked. I mean how many
people actually run a legit NTP server out of their home? Dozens? And the
people who run SNMP devices with the default/common communi
On 27 Feb 2016, at 0:16, Brielle Bruns wrote:
UDP is a fun protocol - stateless, so blocking a DST of 53/UDP to the
customer also will block responses to recursive queries that originate
from SRC 53/UDP.
Which are relatively rare, these days. Any device doing this by default
is likely
day, February 26, 2016 11:09:03 AM
Subject: Re: Thank you, Comcast.
On 2/26/16 10:01 AM, Mike Hammett wrote:
> They have to be honest or face litigation. Transparency is the biggest (if
> not the only) useful thing out of the Open Internet Order.
As long as the profit from doing
On Fri, Feb 26, 2016 at 11:04:49AM -0500, Curtis Maurand wrote:
> I run my own resolver from behind my firewall at my home. I don't
> allow incoming port 53 traffic. I realize there's not a lot of
> privacy on the net, but I don't like having my dns queries tracked
> in order to target
There is so much arrogance in these posts saying that these things should
be blocked because it's best or because it's negligible. The point of
having an open internet is that people are going to have use cases that you
haven't even thought of and should not be hindered. Even the reasons you
have
I don't have a problem with an ISP blocking certain things by default as long
as they identify them like Comcast has done especially for consumer service.
It would be nice if there was a way to opt out of the protection for the few
people that need those services either through a web interface
On Fri, Feb 26, 2016 at 08:55:20AM -0700, Keith Medcalf wrote:
>
> On Friday, 26 February, 2016 08:13, jason_living...@comcast.com said:
>
> > FWIW, Comcast's list of blocked ports is at
> > http://customer.xfinity.com/help-and-support/internet/list-of-blocked-
> > ports/. The suspensions this
On 2/26/16 10:02 AM, Chris Adams wrote:
Except that half the time people run their own DNS resolvers because
their provider's resolvers are
Resolver != authoritative server. Your local DNS resolver doesn't need
to be (and should not be) listening to port 53 on the Internet. Only
DNS
Sent: Friday, February 26, 2016 10:01 AM
To: NANOG list
Subject: Re: Thank you, Comcast.
Works fine on a default Chrome installation. *shrugs*
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
- Original Message -
From
On 2/26/16 10:01 AM, Mike Hammett wrote:
They have to be honest or face litigation. Transparency is the biggest (if not
the only) useful thing out of the Open Internet Order.
As long as the profit from doing shady things and lying is greater then
the cost of settling a lawsuit, companies
nanog.org
Sent: Friday, February 26, 2016 10:47:55 AM
Subject: Re: Thank you, Comcast.
I disagree...the point of what I sent (missed by some) is that in just this
small audience there are many that do/have/know about customers that run their
own stuff.
Trying to blow it off, or minim
Once upon a time, Brielle Bruns said:
> >I'm fine with that. Residential customers shouldn't be running DNS
> >servers anyway and as far as the outside resolvers to go, e... I
> >see the case for OpenDNS given that you can use it to filter (though
> >that's easily bypassed),
: "Brielle Bruns" <br...@2mbit.com>
To: "Mike Hammett" <na...@ics-il.net>
Cc: nanog@nanog.org
Sent: Friday, February 26, 2016 10:46:27 AM
Subject: Re: Thank you, Comcast.
On 2/26/16 9:15 AM, Mike Hammett wrote:
> I think you'd be hard pressed to find more tha
On 26 Feb 2016, at 23:44, Blake Hudson wrote:
Jason, how do you propose to block SSDP without also blocking
legitimate traffic as well (since SSDP uses a port > 1024 and is used
as part of the ephemeral port range on some devices) ?
I'm not Jason, but blocking specific port-pairs such as
.midwest-ix.com
>
> - Original Message -
>
> From: "Brielle Bruns" <br...@2mbit.com>
> To: nanog@nanog.org
> Sent: Friday, February 26, 2016 9:56:40 AM
> Subject: Re: Thank you, Comcast.
>
>> On 2/26/16 6:27 AM, Mike Hammett wrote:
>&
On 2/26/16 9:15 AM, Mike Hammett wrote:
I think you'd be hard pressed to find more than a tenth of a percent of
people attempt to run their own DNS server. Some do because they think
it'll be better in some way. Rare is the occasion where anything user
configured would outperform a local DNS
Livingood, Jason wrote on 2/26/2016 9:12 AM:
FWIW, Comcast's list of blocked ports is at
http://customer.xfinity.com/help-and-support/internet/list-of-blocked-ports/.
The suspensions this week are in direct response to reported abuse from
amplification attacks, which we obviously take very
On 26 Feb 2016, at 23:15, Mike Hammett wrote:
I think you'd be hard pressed to find more than a tenth of a percent
of people attempt to run their own DNS server.
You'll find a heck of a lot more of them doing so unknowingly, because
they're running misconfigured, abusable CPE devices which
On 26 Feb 2016, at 23:02, Damian Menscher via NANOG wrote:
What I'd much rather see Comcast do is use their netflow to trace the
source of the spoofed packets (one of their peers or transit
providers, no
doubt) and strongly encourage (using their legal or PR team as needed)
them
to trace
no form of trickery.
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
- Original Message -
From: "Brielle Bruns" <br...@2mbit.com>
To: nanog@nanog.org
Sent: Friday, February 26, 2016 9:56:40 AM
Subjec
I run my own resolver from behind my firewall at my home. I don't allow
incoming port 53 traffic. I realize there's not a lot of privacy on the
net, but I don't like having my dns queries tracked in order to target
advertising at me and for annoying failed queries to end up at some
On Fri, Feb 26, 2016 at 6:28 AM, Jared Mauch wrote:
> As a community we need to determine if this background radiation and these
> responses are proper. I think it's a good response since vendors can't do
> uRPF at line rate and the major purchasers of BCM switches don't
On 2/26/16 7:31 AM, Keith Medcalf wrote:
ISP's should block nothing, to or from the customer, unless they make it
clear*before* selling the service (and include it in the Terms and Conditions
of Service Contract), that they are not selling an Internet connection but are
selling a partially
Thats not really a fair comparison, I think a lot of people have issues with
people censoring/controlling/prioritizing internet access to make money. Its a
somewhat more nuanced conversation when you are talking about doing the same
thing to prevent abuse.
Cheers,
Max
> On Feb 26, 2016, at
On Feb 26, 2016 8:34 AM, "Keith Medcalf" wrote:
>
>
> ISP's should block nothing, to or from the customer, unless they make it
clear *before* selling the service (and include it in the Terms and
Conditions of Service Contract), that they are not selling an Internet
connection
uot; <nanog@nanog.org>
Cc: "Nirmal Mody" <nirmal_m...@cable.comcast.com>
Sent: Friday, February 26, 2016 9:55:20 AM
Subject: RE: Thank you, Comcast.
On Friday, 26 February, 2016 08:13, jason_living...@comcast.com said:
> FWIW, Comcast's list of blocked ports is at
> http
On 2/26/16 6:27 AM, Mike Hammett wrote:
"you will also block legitimate return traffic if the customers run
their own DNS servers or use opendns / google dns / etc."
I'm fine with that. Residential customers shouldn't be running DNS
servers anyway and as far as the outside resolvers to go,
ruary, 2016 07:19
> To: Mikael Abrahamsson
> Cc: NANOG list
> Subject: Re: Thank you, Comcast.
> I agree,
> At the very least things like SNMP/NTP should be blocked. I
> mean how many
> people
icing/Congestion policies, inbound and outbound
>
> Some ISPs are good at this and provide opt-in/out methods for at least the
> first three on the list. Others not so much.
>
>> -Original Message-
>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Maxwell Cole
>> Se
> On Feb 26, 2016, at 06:31, Keith Medcalf wrote:
>
> ISP's should block nothing, to or from the customer, unless they make it
> clear *before* selling the service (and include it in the Terms and
> Conditions of Service Contract), that they are not selling an Internet
>
: "Keith Medcalf" <kmedc...@dessus.com>
To: "NANOG list" <nanog@nanog.org>
Sent: Friday, February 26, 2016 8:31:47 AM
Subject: RE: Thank you, Comcast.
ISP's should block nothing, to or from the customer, unless they make it clear
*before* selling the serv
he list. Others not so much.
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Maxwell Cole
Sent: Friday, 26 February, 2016 07:19
To: Mikael Abrahamsson
Cc: NANOG list
Subject: Re: Thank you, Comcast.
I agree,
At the very least things like SNMP/NTP should be blo
On 2/26/16, 8:27 AM, "NANOG on behalf of Mike Hammett"
wrote:
>"you will also block legitimate return traffic if the
>customers run their own DNS servers or use opendns / google dns / etc."
>
>I'm fine with that. Residential customers
And you¹d be correct (about SSDP). ;-)
- Jason (Comcast)
On 2/25/16, 10:52 PM, "NANOG on behalf of Paras Jha"
wrote:
>It's interesting that they'd call about DNS amplification... You don't
>typically see DNS amplified floods
Behalf Of Maxwell Cole
> Sent: Friday, 26 February, 2016 07:19
> To: Mikael Abrahamsson
> Cc: NANOG list
> Subject: Re: Thank you, Comcast.
>
> I agree,
>
> At the very least things like SNMP/NTP should be blocked. I mean how many
> people actually run a legit NTP server out of the
Most of the NTP hosts have been remediated or blocked.
Using QoS to set a cap of the amount of SNMP and DNS traffic is a fair response
IMHO.
Some carriers eg: 7018 block chargen wholesale across their network. We haven't
taken that step but it's also something I'm not opposed to.
As a
I agree,
At the very least things like SNMP/NTP should be blocked. I mean how many
people actually run a legit NTP server out of their home? Dozens? And the
people who run SNMP devices with the default/common communities aren’t the ones
using it.
If the argument is that you need a Business
Dovid Bender" <do...@telecurve.com>
To: "Mike Hammett" <na...@ics-il.net>, "NANOG" <nanog-boun...@nanog.org>
Cc: "NANOG list" <nanog@nanog.org>
Sent: Friday, February 26, 2016 7:32:09 AM
Subject: Re: Thank you, Comcast.
I had a client
On Fri, 26 Feb 2016, Nick Hilliard wrote:
Traffic from dns-spoofing attacks generally has src port = 53 and dst
port = random. If you block packets with udp src port=53 towards
customers, you will also block legitimate return traffic if the
customers run their own DNS servers or use opendns
On 26 Feb 2016, at 20:17, Nick Hilliard wrote:
If you block packets with udp src port=53 towards
customers, you will also block legitimate return traffic if the
customers run their own DNS servers or use opendns / google dns / etc.
Actually, what they're talking about is blocking packets
On Thursday, February 25, 2016, Mike Hammett wrote:
> I know. It seems odd, doesn't it?
>
> They're actually suspending people's accounts for DNS amplification. My
> aunt got a call about it tonight. I had already firewalled that off on her
> router before they called, but
Date: Fri, 26 Feb 2016 07:27:50
Cc: NANOG list<nanog@nanog.org>
Subject: Re: Thank you, Comcast.
"you will also block legitimate return traffic if the
customers run their own DNS servers or use opendns / google dns / etc."
I'm fine with that. Residential customers shouldn't be
oobar.org>
To: "Mikael Abrahamsson" <swm...@swm.pp.se>
Cc: "NANOG list" <nanog@nanog.org>
Sent: Friday, February 26, 2016 7:17:30 AM
Subject: Re: Thank you, Comcast.
Mikael Abrahamsson wrote:
> Why isn't UDP/53 blocked towards customers? I know histori
Mikael Abrahamsson wrote:
> Why isn't UDP/53 blocked towards customers? I know historically there
> were resolvers that used UDP/53 as source port for queries, but is this
> the case nowadays?
>
> I know providers that have blocked UDP/53 towards customers as a
> countermeasure to the
quot;Jared Mauch" <ja...@puck.nether.net>
Cc: "NANOG list" <nanog@nanog.org>
Sent: Friday, February 26, 2016 12:20:28 AM
Subject: Re: Thank you, Comcast.
On Thu, 25 Feb 2016, Jared Mauch wrote:
> Make sure you permit TCP/53 for DNS queries so if TC=1 lookups wor
Totally agree. It's silly that my home lab has to cost me 5x the
normal rate if I want to use some of the standard ports but that is
normal now.
On Fri, Feb 26, 2016 at 12:27 AM, Mark Andrews wrote:
>
> In message , Mikael
>
In message , Mikael Abrah
amsson writes:
> On Thu, 25 Feb 2016, Jared Mauch wrote:
>
> > Make sure you permit TCP/53 for DNS queries so if TC=1 lookups work.
>
> Speaking of which, historically ISPs have been blocking TCP/135, TCP/445
> and
On Thu, 25 Feb 2016, Jared Mauch wrote:
Make sure you permit TCP/53 for DNS queries so if TC=1 lookups work.
Speaking of which, historically ISPs have been blocking TCP/135, TCP/445
and a few others towards customers (at least that's what I know). TCP/25
seems to be blocked as well.
Why
SSDP, DNS and other amplification is a big issue for large consumer networks
like Comcast.
This is something I’m hoping other vendors take seriously (eg: Netgear) when it
comes to their usage of DNSMASQ and other tools on-box and iptables configs
that promote spoofing by using IP ranges vs
On 26 Feb 2016, at 10:52, Paras Jha wrote:
You don't typically see DNS amplified floods coming from home ISPs.
Actually, it's quite common, as a lot of CPE have abusable DNS
forwarders running on their public interfaces.
DNS, SSDP, and SNMP reflection/amplification quite commonly emanate
It's interesting that they'd call about DNS amplification... You don't
typically see DNS amplified floods coming from home ISPs. I would imagine
SSDP amplification is a far greater issue for any home ISP.
On Thu, Feb 25, 2016 at 10:46 PM, Mike Hammett wrote:
> I know. It seems
+ Redmond, WA. Good job guys.
mehmet
On Apr 17, 2014, at 7:28 PM, Michael T. Voity mvo...@uvm.edu wrote:
To the Comcast v6 Team,
Thank you for enabling my CMTS for v6 in Colchester, VT
Works great!
Thanks,
-Mike
Michael T. Voity
Network Engineer
University of Vermont
Please don't reply to a message on the list and change the subject line.
Doing so causes your new topic to show under the previous one for
those using mail readers that thread properly, and may cause your
message to be missed altogether if someone has blocked that thread.
Instead, save the
93 matches
Mail list logo