[191491] in North American Network Operators' Group
Re: PlayStationNetwork blocking of CGNAT public addresses
daemon@ATHENA.MIT.EDU (Florian Weimer)
Sun Sep 18 09:56:41 2016
X-Original-To: nanog@nanog.org
From: Florian Weimer <fw@deneb.enyo.de>
To: Rich Kulawiec <rsk@gsp.org>
Date: Sun, 18 Sep 2016 15:56:30 +0200
In-Reply-To: <20160918130703.GA17415@gsp.org> (Rich Kulawiec's message of
"Sun, 18 Sep 2016 09:07:03 -0400")
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
* Rich Kulawiec:
> For example: if the average number of outbound SSH connections
> established per hour per host across all hosts behind CGNAT is 3.2,
> and you see a host making 1100/hour: that's a problem. It might be
> someone who botched a Perl script; or it might be a botted host
> trying to brute-force its way into something.
If you do this, you break Github.
(If I guess Simon's network correctly, then I've seen reports which
suggest that they might already be doing this.)
