nanog mailing list archives
Re: PlayStationNetwork blocking of CGNAT public addresses
From: Rich Kulawiec <rsk () gsp org>
Date: Fri, 23 Sep 2016 08:35:11 -0400
On Mon, Sep 19, 2016 at 09:55:56PM +0200, Florian Weimer wrote:
Github users create several orders of magnitude more SSH connections [snip]
Ah. I didn't know that. Thanks!
Sure, and people already do this, and are not very flexible about it. Support staff isn't briefed, and claim they do such stochastic behavior adjustment across all (server) products, which I find difficult to believe.
You're right: those are serious drawbacks. If folks are going to do this, then they need to do it right, which means making sure everyone is in the loop and making sure that support staff are clueful/diligent enough to investigate -- or at least hand off to someone who'll investigate. This stuff works but only if you're adaptive/flexible and willing to learn and adjust on an ongoing basis.
I'm worried that this leads to a future where tunnelling everything over HTTP(S) is no longer sufficient. You have to make it look like a web server or browser, too. Everything else risks triggering automated countermeasures.
And as someone who constantly beats the "Internet != web" drum, I second this. Marginalizing other protocols doesn't serve us well in short term (it breaks things) or the long term (it stifles innovation). ---rsk
Current thread:
- RE: PlayStationNetwork blocking of CGNAT public addresses, (continued)
- RE: PlayStationNetwork blocking of CGNAT public addresses michalis.bersimis (Sep 16)
- Re: PlayStationNetwork blocking of CGNAT public addresses A . L . M . Buxey (Sep 16)
- Re: PlayStationNetwork blocking of CGNAT public addresses Ca By (Sep 16)
- RE: PlayStationNetwork blocking of CGNAT public addresses Tony Wicks (Sep 16)
- Re: PlayStationNetwork blocking of CGNAT public addresses Masataka Ohta (Sep 16)
- Re: PlayStationNetwork blocking of CGNAT public addresses Tom Smyth (Sep 18)
- Re: PlayStationNetwork blocking of CGNAT public addresses Rich Kulawiec (Sep 18)
- Re: PlayStationNetwork blocking of CGNAT public addresses Florian Weimer (Sep 18)
- Re: PlayStationNetwork blocking of CGNAT public addresses Rich Kulawiec (Sep 19)
- Re: PlayStationNetwork blocking of CGNAT public addresses Florian Weimer (Sep 19)
- Re: PlayStationNetwork blocking of CGNAT public addresses Rich Kulawiec (Sep 23)
- Re: PlayStationNetwork blocking of CGNAT public addresses Rich Kulawiec (Sep 18)
- Re: PlayStationNetwork blocking of CGNAT public addresses Mike Hammett (Sep 18)
- Re: PlayStationNetwork blocking of CGNAT public addresses Florian Weimer (Sep 18)
- Re: PlayStationNetwork blocking of CGNAT public addresses Simon Lockhart (Sep 18)
- Re: PlayStationNetwork blocking of CGNAT public addresses Florian Weimer (Sep 18)
- Re: PlayStationNetwork blocking of CGNAT public addresses Simon Lockhart (Sep 18)