[120080] in North American Network Operators' Group
Re: AT&T blocking individual IP addresses
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Wed Dec 9 11:06:20 2009
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG list <nanog@nanog.org>
Date: Wed, 9 Dec 2009 16:05:08 +0000
In-Reply-To: <f1dedf9c0912090803q7e4e6436h5a1decbb41d1ba3c@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 9, 2009, at 11:03 PM, Scott Howard wrote:
> They are (authenticated-required) proxy servers with 10's of thousands of=
users behind them, so it's possible that they were seeing some bot-like tr=
affic from them, although the volume would have been tiny compared to the v=
olume of legitimate traffic.
So, if, say, AT&T customers are getting zorched from traffic behind those p=
roxies, then blocking them would make sense, no?
;>
Do you have visibility into the traffic into/out of those proxies, in order=
to determine if there's DDoS or spam or other undesirable traffic emanatin=
g from them?
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
