Thread: BREAKING NEWS: AT&T Blocks img.4chan.org

Oh god. Censorship, or AT&T helping with a DDoS? The thought of an ISP helping with a DDoS by blocking all traffic, without contacting the system admin? Ha.

And it's the admin of 4chan. Good luck, AT&T.


But, Net Neutrality? Communism?

Links:
http://pastebin.com/f299e40db
http://encyclopediadramatica.com/AT%...n#THIS_JUST_IN
http://www.reddit.com/r/reddit.com/c...o_img4chanorg/
http://www.inquisitr.com/30689/censo...locks-4chan-b/
http://mashable.com/2009/07/26/repor...locking-4chan/
http://tech.slashdot.org/story/09/07...-Part-of-4chan

And even a twitter search: http://search.twitter.com/search?q=AT%26T



Within 4 hours, the /b/tards found AT&T CEO's name, contact info, picture of his house, address, wife's name, and a Google Streetview image of his house...With that power, I expect a good fight.

Censorship is bad.

I thought that thing wasn't operational?!

I don't think this can be called censorship
This is damage control from AT&T

Someone was DDOS'ing 4chan with spoofed IP's (IP's belonging to AT&T)

When you contact a server over TCP/IP,
- You first send a SYN packet - I want to talk to you
- The server will respond with a SYN-ACK packet - I'm ready to talk
- Finally, you respond with an ACK packet - Ok, here it comes
- Then the actual data packets start flying around

If you spoof your source IP, the server will send it's SYN-ACK packets to the spoofed IP (who has no idea what to do with them, as they didn't ask for a conversation)
So, the spoofed client will just drop the packet

The server, having not received an ACK, will resend (up to 4 times) the SYN-ACK packet

DDOS'ing 4chan with spoofed IP's will result in the spoofed network (AT&T) being DOS'ed by the server (4chan)

This secondary, by-product DOS of the original DDOS, will potentially be up to 4 times as much as the original DDOS on 4chan

a simple (albeit crude) solution for AT&T, is to just block the IP from 4chan

Well, yes. That's one of the main rumors floating around. But, AT&T would have to contact 4chan's admins before doing that, and cutting access all of a sudden.

"moot" said AT&T never contacted him.

Originally Posted by [SomeGuy]

Well, yes. That's one of the main rumors floating around. But, AT&T would have to contact 4chan's admins before doing that, and cutting access all of a sudden.

"moot" said AT&T never contacted him.

Why would they have to contact anybody?

I've got a similar setup on my network
If I get flooded with bogus TCP packets, I block the source IP (only for a few hours)
It's all automated and is a crude, but effective way to nip DOS attacks in the bud

But AT&T blocking a server without contact?