nanog mailing list archives
Breaking the internet (hotels, guestnet style)
From: Jared Mauch <jared () puck nether net>
Date: Mon, 7 Dec 2009 18:00:40 -0500
On Dec 7, 2009, at 5:29 PM, John Levine wrote:
Will be interesting to see if ISPs respond to a large scale thing like this taking hold by blocking UDP/TCP 53 like many now do with tcp/25 (albeit for other reasons). Therein lies the problem with some of the "net neturality" arguments .. there's a big difference between "doing it because it causes a problem for others", and "doing it because it robs me of revenue opportunities".I do hear of ISPs blocking requests to random offsite DNS servers. For most consumer PCs, that's more likely to be a zombie doing DNS hijacking than anything legitimate. If they happen also to block 8.8.8.8 that's just an incidental side benefit.
I've found more and more hotel/edge networks blocking/capturing this traffic. The biggest problem is they tend to break things horribly and fail things like the oarc entropy test. They will often also return REFUSED (randomly) to valid well formed DNS queries. While I support the capturing of malware compromised machines until they are repaired, I do think more intelligence needs to be applied when directing these systems. Internet access in a hotel does not mean just UDP/53 to their selected hosts plus TCP/80, TCP/443. The University of Michigan Hospitals have a guestnet wireless that is ghetto and blocks IMAP over SSL. Attempts to get them to correct this have fallen on deaf ears. I can't even VPN out to work around the sillyness, which typically works in other hotel/guestnet scenarios. Providers to avoid: US Signal Corporation. (64.141.138.226 was my natted IP in a Hampton Inn depsite whois/swip). - Jared
Current thread:
- Re: news from Google, (continued)
- Re: news from Google Chris Hills (Dec 05)
- Re: news from Google Henry Linneweh (Dec 05)
- Re: news from Google Tony Finch (Dec 08)
- Re: news from Google Chris Hills (Dec 08)
- Re: news from Google Bret Clark (Dec 03)
- RE: news from Google Xavier Banchon (Dec 03)
- Re: news from Google Hank Nussbacher (Dec 03)
- Re: news from Google Michael Holstein (Dec 07)
- Re: random DNS, was news from Google John Levine (Dec 07)
- Breaking the internet (hotels, guestnet style) Jared Mauch (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) Paul Timmins (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) Brielle Bruns (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) Jared Mauch (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) Suresh Ramasubramanian (Dec 07)