nanog mailing list archives
Re: AT&T mobile intercepting TCP sockets?
From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Mon, 21 May 2018 15:08:12 -0700
Oh, I'm sure that'll never be abused by any hostile nation-state-owned monopoly telecom that likes to block/ban/MITM traffic, ever! On Mon, May 21, 2018 at 1:53 PM, Ca By <cb.list6 () gmail com> wrote:
On Mon, May 21, 2018 at 1:11 PM <lists () as23738 net> wrote:IME ATT has intercepted virtually everything on mobile (this is on a hotspot) - If I curl a HTTP vs HTTPS site, I get a different IP on each (one is obviously a shared web proxy); if I download images, they won't match md5-wise with the original version, etc. I have trouble connecting toVPNsthat aren't standard SSL VPNs. They appear to MITM all web traffic they can. Using third party DNS servers has questionable results.AT&Fee is also a key player in undermining http2 security with their “trusted proxy” https://tools.ietf.org/html/draft-loreto-httpbis-trusted-proxy20-01On Mon, May 21, 2018, at 12:35 PM, Chris Adams wrote:I ran into an odd issue with access to a website I manage from AT&T mobile devices this weekend. The website worked for everybody not on AT&T mobile, and AT&T mobile users could access other sites; theproblemwas just this combination. Android and iOS phones, as well as a Linux system tethered to anAndroidphone, all had the same problem. On the Linux system, I disabled IPv6 in Firefox, and it could then connect. Browsers got various"connectionreset" type errors; on Linux, I could telnet to port 80 or 443, and it would connect and immediately close. The site does have an IPv6 address, but I had missed getting the webserver to listen on IPv6 (my mistake). Adding that looks to have solved the problem. When I ran tcpdump on the server and had someone try to connect from their AT&T mobile iPhone, I saw three connection attempts a few tenths of a second apart (all refused by the server). My question is this: is AT&T mobile intercepting the TCP socket (and not handling "connection refused" correctly)? Is that a known thing? -- Chris Adams <cma () cmadams net>
Current thread:
- AT&T mobile intercepting TCP sockets? Chris Adams (May 21)
- Re: AT&T mobile intercepting TCP sockets? Jared Mauch (May 21)
- Re: AT&T mobile intercepting TCP sockets? lists (May 21)
- Re: AT&T mobile intercepting TCP sockets? Ca By (May 21)
- Re: AT&T mobile intercepting TCP sockets? Eric Kuhnke (May 21)
- Re: AT&T mobile intercepting TCP sockets? Ca By (May 21)
- Re: AT&T mobile intercepting TCP sockets? Eric Kuhnke (May 21)