Re: did facebook just DoS me?

[Damian Menscher via NANOG <nanog () nanog org>]

It might have been even more innocent than that.  There are some really
crappy consumer-grade firewalls out there that say "DoS Attack" any time
they receive an unexpected packet.  This most commonly occurs when the
device reboots (power outage) and a live TCP connection sends a keepalive
or a RST.  The end result is a flood of emails from customers to the abuse@
address of every major web company.  I'd love to track down the
manufacturers of these devices and get them to stop their fearmongering....

Damian

On Tue, Apr 4, 2017 at 9:35 AM, Compton, Rich A <Rich.Compton () charter com>
wrote:

> Any proof that you can provide that Facebook did indeed DoS you?  Unless
> it is an attack after a tcp 3-way handshake I highly doubt that it was
> actually Facebook and probably an attacker spoofing Facebook¹s source IPs
> (perhaps in hopes that the source IPs would be on your whitelist and not
> be blocked).
>
> Rich Compton  |      Principal Eng     |  314.596.2828
> 14810 Grasslands  Dr,    Englewood,      CO    80112
>
>
>
>
>
>
> On 4/3/17, 4:46 PM, "NANOG on behalf of Miguel Mata"
> <nanog-bounces () nanog org on behalf of mmata () intercom com sv> wrote:
>
> > Guys and gals,
> >
> > just received a DoS from supposedly Facebook. Any contact of way of
> > getting in touch with
> > them?
> >
> > Thanks.
>
> E-MAIL CONFIDENTIALITY NOTICE:
> The contents of this e-mail message and any attachments are intended
> solely for the addressee(s) and may contain confidential and/or legally
> privileged information. If you are not the intended recipient of this
> message or if this message has been addressed to you in error, please
> immediately alert the sender by reply e-mail and then delete this message
> and any attachments. If you are not the intended recipient, you are
> notified that any use, dissemination, distribution, copying, or storage of
> this message or any attachment is strictly prohibited.