Month: March 2005

Sonic.net announces firewalling for DSL…

Wed Mar 30 17:16:27 PST 2005 — Sonic.net announces firewalling for DSL connections.

I am happy to announce that Sonic.net will be providing firewall protection for DSL connections, beginning on April 12th, about two weeks from now. There are more and more threats to computers which are coming from the Internet, so I’m very pleased that we’re launching this exciting new feature for Sonic.net DSL customers!

Firewalling helps protect your systems from various Internet threats, including worms, viruses and spam relaying. In the next couple weeks, prior to the deployment, you are welcome to change the initial filtering level using our new DSL filtering configuration tool at: sonic.sonic.net/members/dslfilter/

Sonic.net’s DSL port firewalling features provide various levels of protection for DSL connected computers. By using one of the three levels of filtering, you can protect your systems from many common Internet threats. If you’d like to change from the default, we suggest that you to select a level of protection which is appropriate for your type of Internet usage and your understanding of system security. For most customers, the default setting will provide a good degree of protection with little or no impact on your ability to use a full range of Internet applications.

Three levels of filtering are available:

Option One: Complete Inbound TCP Firewalling. This firewall rule set prevents any inbound TCP connections from being established, protecting your system from most types of Internet attacks.

Option Two (the default, recommended by Sonic.net): Common Exploitable Port Firewalling. This is the default firewall rule set applied to DSL circuits. It blocks traffic on port 25 (SMTP email) both to and from a customers circuit to any mail servers other than Sonic.net maintained servers as well as preventing communication on ports used by common Microsoft services that are frequently exploited.

Option Three: Port 25 Firewalling. This firewall rule set only restricts traffic on port 25 (SMTP email) to and from a customers circuit to any mail servers other than sonic.net maintained servers. This is the minimum recommended rule set. This rule set generally prevents your computer from being hijacked and used to send SPAM directly to other mail servers.

Finally, we’ve always offered static IP addresses and we do welcome customers running their own servers on static IPs, so an option to turn off all filtering for those customers is available as well. We recommend that you only exercise this option if you run a mail server yourself on your DSL connection. Please do be careful with system security if you elect to turn off all filtering!

For more details on the specifics, please see our DSL Firewalling FAQ at: www.sonic.net/support/faq/advanced/dsl_firewalling.shtml

For discussions on this topic, please do read and post to the local discussion group at news://news.sonic.net/sonic.dsl

-Dane, Kelsey, Nathan, Chris, etc.

New Inbound Mail Servers.

Wed Mar 23 13:46:37 PST 2005 — New Inbound Mail Servers. We added two new mail servers to handle MX services for inbound mail. The new servers will enable us to continue to make advancements in the quality of our MTA level SPAM, virus and phish blocking while also increasing the availability of our MX cluster. In order to properly utilize the new servers we’ve also updated the MX records for all of the domains that we are authoritative for. If we host MX services for a domain that we are not authoritative for users should update their zones to take advantage of the new servers. Any domain using us for mail should have the following MX records:

IN MX 10 mailin-01.mx.sonic.net. IN MX 10 mailin-02.mx.sonic.net.

Please direct any questions about the new MX servers to news://news.sonic.net/sonic.net -Kelsey and Augie

Scheduled Data Center Maintenance.

Mon Mar 21 17:07:11 PST 2005 — Scheduled Data Center Maintenance. On Tuesday and Wednesday, 3/22-23/05, we will be doing maintenance on the power system in the Santa Rosa data center. This activity will be fully scripted and we anticipate no interruption in service of any kind. -John, Russ and Clay

Office phone system problems.

Wed Mar 16 11:13:36 PST 2005 — Office phone system problems. This morning we experienced a phone system circuit outage which prevented the Sonic.net offices from receiving any inbound calls. All of our dial-up and other Internet services were functioning normally during the outage, but our support department, billing and other service departments were not reachable by phone. We have corrected the problem and apologize for any inconvenience. -Support and Ops

Another brief DoS attack was targeted at one…

Tue Mar 15 09:55:12 PST 2005 — Another brief DoS attack was targeted at one of our DSL subscribers in Santa Rosa. The customer’s circuit has been disabled and their IPs have been blocked at our borders pending further investigation on our part. During this time DSL customers terminated in Santa Rosa may have experience slow performance and packet loss on their DSL circuits. -Kelsey and Nathan

DoS Attack.

Mon Mar 14 11:39:53 PST 2005 — DoS Attack. A brief DoS attack was targeted at our network, most likely at a DSL customer terminated in Santa Rosa. While the attack was underway DSL customers in Santa Rosa may have experienced some loss and latency and associated issues. It’s not believed that the attack had much affect if any on other parts of our network. -Nathan, John and Kelsey

Update on Network Event.

Thu Mar 10 18:11:34 PST 2005 — Update on Network Event. Upon further investigation we were able to determine that the problem was not caused by a failure inside our network but that our L2 transport provider between Santa Rosa and San Jose was flooding both ends of our circuit with more than 100kpps of broadcast traffic saturating the Juniper RE CPUs at both ends. The CPU congestion on these two routers lead to some of our internal and external BGP and IGP sessions flapping leading to general network instability. Once the source of the problem was isolated and the link shut down the network healed itself. -Kelsey, Nathan, John, Zeke and Jared.

Backbone Network Degradation.

Thu Mar 10 16:49:14 PST 2005 — Backbone Network Degradation. A little after 4 PM today our router in San Jose failed. This affected our outside connectivity until we could reroute traffic onto backup circuits in San Francisco a short time ago. We are working now to diagnose the router. -Nathan, Kelsey and John

Loss from Santa Rosa to San Jose.

Tue Mar 8 08:55:37 PST 2005 — Loss from Santa Rosa to San Jose. This morning at around 7:55am our link from Santa Rosa to San Jose started to show packet drops. We shut the circuit down at 8:15am, leveraging our redundant gigabit ethernet ring between Santa Rosa, San Francisco and San Jose to provide healthy service despite the failure. Users may have experienced degraded service during this period. -Nathan

GlobalPops to begin restricting mail server…

Fri Mar 4 22:17:43 PST 2005 — GlobalPops to begin restricting mail server access. Our national dialup service provider is going to begin blocking our customers’ access to any other email forwarding servers besides mail.sonic.net. For most customers, this means no change. For any customer who sends email through another server, for instance, the one at their workplace, they will have to switch to mail.sonic.net instead. Please contact Sonic.net Tech Support if you have any questions. -John and Russ