AT&T Blocks 4chan Over DDoS… But May Not Like What Happens Next…
from the that-would-not-be-a-good-thing... dept
A few folks have submitted the news that, apparently, AT&T is blocking access to a certain subdomain of 4chan. I just checked on my own AT&T DSL account and it’s true that I can’t get there (I can get there if I don’t go via AT&T). That doesn’t mean that AT&T definitely is blocking it, but there are reports that folks at AT&T have admitted that it’s true. If you don’t know what 4chan is, the 4chan Wikipedia page is probably the best way to understand it. Even if the site is controversial for some, it does seem quite extreme for AT&T to do an outright block, without any official warning or immediate explanation. Outright blocking of websites, without recourse and without a clear explanation of why, is extremely questionable and the sort of “net neutrality” violation that the FCC would likely come down hard against. If it’s true that there’s a block, perhaps AT&T is assuming that no one serious (such as the FCC) would come to the defense of 4chan, but that might be a mistake (in part because AT&T probably won’t like what happens when 4chan decides to come to its own defense). Hopefully this will be explained away as a mistake. So far, the best explanation I’ve seen is (via 4chan) the claim that the subdomain was involved in some sort of DDoS attack, but you would think that, if that were the case, AT&T would have just made that clear from the beginning. Not coming out with a clear and concise explanation just looks bad, and seems to be stirring up 4chan folks to make a statement — something AT&T almost certainly does not want. AT&T may be able to tap your phones, but getting on the wrong side of 4chan seems like a bad, bad idea.
Update: As expected, AT&T has confirmed (as we believed) that this was over a DDoS attack:
Beginning Friday, an AT&T customer was impacted by a denial-of-service attack stemming from IP addresses connected to img.4chan.org. To prevent this attack from disrupting service for the impacted AT&T customer, and to prevent the attack from spreading to impact our other customers, AT&T temporarily blocked access to the IP addresses in question for our customers. This action was in no way related to the content at img.4chan.org; our focus was on protecting our customers from malicious traffic.
Overnight Sunday, after we determined the denial-of-service threat no longer existed, AT&T removed the block on the IP addresses in question. We will continue to monitor for denial-of-service activity and any malicious traffic to protect our customers.
That said, I still think AT&T failed here, in that they did not make this clear from the outset. If they had stated upfront what the situation was, in conjunction with the temporary block, they would have been much better off. But by silently blocking, they kicked off a firestorm that had to have been expected by anyone aware of 4chan.
Filed Under: 4chan, blocking, ddos, isps, net neutrality
Companies: at&t
Comments on “AT&T Blocks 4chan Over DDoS… But May Not Like What Happens Next…”
Way to go AT&T to block one of the top 5 most popular sites on the entire web.
4chan’s clientele aren’t the most forgiving people I’ve seen, either.
Re: Re:
True: Anonymous does not forgive.
DDoS FROM 4chan?
I think they’ll find that, while it may be people from 4chan doing things like DDoSing, it won’t be 4chan itself doing the attacks. Start down that road, and you’ll probably find that just about any site that has excitable folk on it can be accused of organising a DDoS at some point…
I’m glad I stocked up on popcorn, this one promises to be entertaining 😀
I wonder what AT&T’s home page will say tomorrow morning. It probably won’t be what AT&T thinks it says.
Now owners own ISP blocking him
hmm according to to wiki now moot’s (site owner) own isp (Cogent Communications) is blocking 4chan
If this is true got feeling this whole thing will be related to the DDos attacks, if you look at 4chan status page they were under DDoS attack themselves just over a week ago
I fear for AT&T’s site it was indeed intentional.
4chan appears to be under attack right now..
The site appears to be glacially slow right now and some boards are not accessible at all. It’s probably a continuation of the attack(s) that started last week. moot has backed off the claim that his own isp is blocking him btw, I suspect that it’s just slow..
It’s a serious attack though..
Who have (haven’t) they annoyed this time?
Network Neutrality? Hah!
I remember a few years ago when the US invaded Iraq and France didn’t go along with it. Cox was my ISP at the time and I suddenly couldn’t directly connect to any addresses assigned to French based ISPs, but I could if I went through a proxy. I went round and round with Cox tech support who swore up and down that Cox wasn’t blocking those addresses and that they would know if they were. Well, finally I pulled some strings and got an engineering insider at Cox to check for me. Sure enough, the network administrator for my region had put a block on those addresses. So it wasn’t nationwide, just my region. His excuse was that the network was under DDOS attack. From every ISP in the whole country of France, apparently. Funny that none of the the Cox networks in any other regions noticed this “attack”. Funny also that the block remained in place for almost 2 years, until Cox sold the system to another company who then lifted the block. My insider friend speculated that the admin probably had a stick up his butt about France not supporting the invasion and decided it was his patriotic duty to block access to French ISPs in retaliation.
Any way, the moral of the story is that ISPs can and do block things, even for political reasons, and I have yet to see the FCC do anything about it. They can always claim it’s for “security” if they have to.
Common Carrier
If it wasn’t involved in a DDOS attack, doesn’t this mean AT&T could stand to lose it’s common carrier status?
AT&T blocked AOL from their backbone a few years back, without warnings or explanations, due to DDoS attacks and AOL’s lack of action to stop it. So AT&T blocked AOL for several days, and AOL users were left stranded on a small part of the American network and no where to go.
So it’s not the first and won’t be the last they take care of the issue first, and publicly address it later.
4chan being blocked
AS far as I can tell, it’s most of At&T’s service that’s blocking the img.4chan.org domain, which hosts the two least work-safe boards, /b/ and /r9k/.
This is something that is, as far as I can tell, highly suspicious AND a dangerous precedent for neutrality.
But I am completely unsurprised by who has done this.
Re: 4chan being blocked
umm… I know you didn’t just say that /b/ was work safe…
Re: Re: 4chan being blocked
I’m not the person who wrote the post, but he said “least work-safe”
I have ATT and i seem to be able to get there just fine.
LOLCATZ
AT&T iz in ur web, blockin ur 4chan.
http://img193.imageshack.us/img193/2523/1248672053880.png
Screenshot of an email from the president of UnWired (another ISP that also blocked img.4chan.org, or more specifically the IP address for that subdomain).
Oooh, fireworks. I can’t wait.
Blocking
I pay AT&T for access not censorship! Unfortunately, AT&T is one of those big corporations that can make up truths endlessly and almost never get tagged for it. I hope this is not the case.
Can’t wait to see how the btards react to this. AT&T will learn a thing or two about scientology, probably. Ilfar, can I borrow some of your pop corn?
Metblogs reports that the block is up (or it never actually happened), which would be very, very boring.
AT&T's closed
All there IP’s have AIDS.
4chan should just be blocked by everyone .. talk about a waste of resources and a gathering of the stupidest people ever… heh. Plus now they make the “news” so expect more stupid people to join. Like they needed the exposure.
Re: blocked by everyone
Not the point.
If you like their content or not is not the issue. If there are people wanting to go there (and clearly there are) then who are you, or AT&T, to say they should/cannot?
If people started blocking anything they simply didn’t approve of than the web would be gone for good.
Re: Re:
Dude, shhhhhh! you might bring their unholy wrath down on us!
Re: Re:
“talk about a waste of resources and a gathering of the stupidest people ever”
And this is a good, could you imagine if they had no “home” anymore, they would spread everywhere else
My 4chan live forever
Goddamnit! I just changed from Time Warner’s bandwidth capping asses to this crap. Now I’ve got to change again?!?!
Is there an ISP out there that doesn’t suck?
In a related note, this /b/tard appears to still have access…lurking whilst I can.
AT&T has NO idea who they are dealing with do they?
The particular server being blocked has been under heavy DDOS attack for weeks now. Due to the nature of the attack being used, the DDOS not only floods the server, but also a large amount of AT&T’s customers. The block was temporary to stem the effects of the attack on their customers, and I believe has been lifted already.
good christ, does anyone at AT&T know what they’re doing? 4Chan maniacs live for this kind of stuff.
this DSL user not blocked
My DSL is through Qwest, but more important (I think) is the fact that I use a private ISP.
Altho I’d never been to 4chan, I had no trouble accessing their site.
I don’t think it’s highly believable that they would block a whole site because “an AT&T customer” (note the singular) had a problem. Or at least, that’s as dangerous as blocking it because they don’t like it. They can always come up with a single user who has problems with a site they don’t like. Specially since they blocked /b/ and not, say /ck/ (you had to check to know which one that is, right?).
Re: Re:
By ‘a customer’, I’m pretty sure AT&T meant something like “Mega Corp A’s entire visible network and corporate-wide public access infrastructure” rather than ‘a person’.
I agree with another poster: if it looked like the DDoS came from 4chan, it was probably just a springboard rather than the originator. That being said, a network administrator, particularly one with so many people depending on its service, really *needs to actively defend against attacks when they are in progress. Its not just commerce that gets disrupted, but also free-commerce.
As long as they actually restore access to innocent sites caught up in the DDoS, I don’t see a problem with what they did.
Still…. it had to be 4Chan. Poor AT&T.
Unlikely 4chan was "attacking" AT&T
What most likely happened is, large numbers of AT&T customers are compromised, and were unknowingly used as zombies to attack 4chan.
This to someone obviously incompetent at AT&T looked like 4chan attacking AT&T. So instead of blocking the customers or providing them with information on how to uninflect their computers, the problem still exists.
Better description of 4chan
I prefer the Encyclopedia Dramatica’s wiki explaining 4chan:
http://encyclopediadramatica.com/4chan (NSFW)
Umm, if the attack from (compromised) AT&T customer machines is causing trouble with AT&T’s network, then they should cut off those customers until they clean up their machines. block the people actually causing the problems, not the target of the attack.
Problem solved.
the problem was that 4chan was under a DDOS, specifically a Syn flood basically person A spams the server with connect requests while saying he is really person C, the server sends things to person C but person C isn’t expecting anything and so with ignores the response or responds with an error. this creates a huge load not only on the server, but Person C and in this case Person C happens to be on AT&T so AT&T cut off access to the server for a bit to stop the flow
And once again, it NEVER fails with the incessant lying, as lying is a way of life for these hacker creeps. I salute AT&T for blocking viruses, trojans and nasty spider scripts, as that is what the REAL truth is as to WHY AT&T has flashed the middle finger [blocked] to 4 Chan. Why should AT&T waste time and energy in dealing with viruses, trojans and uncontrollable script programs emanating from the 4 Chan site?
I don’t condone censorship and I certainly don’t condone lies “in the name of lulz”. The only thing 4 Chan has proven again and again, is that they are infantile and violent. A bunch of two year olds who go on tirades. And just like an out of control two year old, they need some REAL hard slaps from the school of hard knocks.
Any consequences or denial of internet access to AT&T customers due to NAZI actions emanating from 4 Chan [or any other hacker creeps for that matter], I pray that they are caught, rounded up, prosecuted beyond the extent of the law, thrown in a windowless cell and locked up forever until the day they die.
I commend AT&T for taking the step forward and I sincerely hope that other ISP’S follow suit ASAP. ENOUGH IS ENOUGH. Hackers cause destruction, chaos, waste everyones time and energy. Normal people on the net are SICK AND TIRED of these two year old tantrum antics that 4 Chan displays on a daily basis. These hacker creeps really and truly need to GROW THE F*** UP.
Re: Re:
Nitpicking, but technically, those on 4Chan are crackers; hackers is the general term for people messing with code in general.
Also, the key thing is that this wasn’t announced in the initial report by AT&T. This, more than anything, makes it look very suspicious, and more like the update was more damage limitation.
Re: Re:
uh, they weren’t sending out viruses or trojans and if they were, blocking the webserver doesn’t do anything to slow the propagation. While most on 4chan are infantile and some know how to use scripts most know nothing about hacking or cracking. Their main form of attack on other websites is to flood the forums with junk, the ones that have any capability to do real damage are few and far between.
you need to learn a bit more before you go on a tirade.
here is a network engineer from unWired explaining why they had blocked 4Chan as well
“There has been alot of customers on our network who were complaining about ACK
scan reports coming from 207.126.64.181. We had no choice but to block that
single IP until the attacks let up. It was a decision I made with the gentleman
that owns the colo facility currently hosts 4chan. There was no other way around
it. I’m sure AT&T is probably blocking it for the same reason. 4chan has been
under attack for over 3 weeks, the attacks filling up an entire GigE. If you
want to blame anyone, blame the script kiddies who pull this kind of stunt.
Regards,
Shon Elliott
Senior Network Engineer
unWired Broadband, Inc.”
I would imagine there is some time delay in a large organization like AT&T’s between the technical people that blocked the site, and the media people that gave the press release.