funsec mailing list archives
Re: More info
From: Drsolly <drsollyp () drsolly com>
Date: Sun, 15 Jan 2006 18:13:04 +0000 (GMT)
I've just had a call back from Cable & Wireless. They're pretty sure now that it's a problem in Linx, and they're following it through on that. This is the first light I've seen on this. I've put it to them, that if they dn't get it fixed by the time that business opens on Monday, they'll get a shitstorm of support calls from major customers who can't transfer files. Thanks to everyone for their suggestions and traceroutes. I'll post any further info that I get. On Sun, 15 Jan 2006, Fergie wrote:
On possibility, although very slight, is that there could be a repeater somewhere in the telco infrastucture that is nominally bad -- or ready to go tits up. In my years working in the telco world and data networking, I have seen this happen on a number of ocassions. YMMV, - ferg -- Drsolly <drsollyp () drsolly com> wrote: I've determined two more byte sequences that trigger the block, in addition to bc bc bc bc bc bc There's also 1c 1c 1c 1c 1c 1c and e4 64 1c 1c 1c 1c Which means there's probably other sequences that I hven't narrowed down on yet. Please keep supplying the Works/not works info and the traceroutes. I've got a hypothesis now that the culprit is the London Internet Exchange (linx), because that's the common factor in the bad ones, and it's in none of the good ones. They run 100 gbit/sec. It's unthinkable that they would be doing any sort of packet inspection, though, so I'm still very much of an open mind. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- More info Drsolly (Jan 14)
- Re: More info Jon O. (Jan 14)
- <Possible follow-ups>
- Re: More info Fergie (Jan 15)
- Re: More info Drsolly (Jan 15)