Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
The Internet Censorship Security

AT&T Blocks Part of 4chan 342

holdenkarau writes "Several news sources (Mashable, The Inquistr, etc.) are reporting that AT&T is blocking in the southern United States. That server is used for the infamous /b/ board (the home of anonymous). TechCrunch calls the decision to block 4chan 'stupid,' noting that they may have 'opened perhaps the most vindictive, messy can of worms.' The Inquisitr suggests that 'The global internet censorship debate landed in the home of the free.' moot (who runs 4chan) asks users to call AT&T, while some others suggest more drastic action (like cutting AT&T fiber)." Update: 07/27 09:23 GMT by T : Readers' comments below suggest that a) the purpose of the block was to curtail the effects of a serious DDoS attack and b) that the block has now been lifted, at least for some regions.
This discussion has been archived. No new comments can be posted.

AT&T Blocks Part of 4chan

Comments Filter:
  • by jx100 ( 453615 ) on Monday July 27, 2009 @02:03AM (#28833573) []

    The president of unWired (a much more reputable ISP) has also blocked the same server. A DDoS was apparently attacking said server which wast travelling over both lines. According to this post, the block was due solely to stop the DDoS.

    • by Calydor ( 739835 ) on Monday July 27, 2009 @02:05AM (#28833599)

      So to stop a DDoS attack on a server, they remove any and all access to that server?

      Am I the only one seeing the irony here?

      • Re: (Score:2, Informative)

        So to stop a DDoS attack on a server, they remove any and all access to that server?

        How else would you do it?

      • by KDingo ( 944605 ) on Monday July 27, 2009 @02:32AM (#28833779)

        I was confused until I read this. []

        If IP source headers are spoofed to somewhere else, say to AT&T networks, it makes sense to block them

        • by Megane ( 129182 ) on Monday July 27, 2009 @08:05AM (#28835375) Homepage

          So the problem isn't AT&T, and the problem isn't really even the users (or more likely zombie bots) who are DDoSing AT&T, the real problem is the networks that are allowing the spoofed packets out. Because if you receive an IP packet from an end user with a source address that's not from your network, you should assume that it came from a new legitimate routing path and forward it right up. Because it's normal for your end users to set up crazy routing without even having an AS.

          A big problem on the internets is ISPs that are run by idiots or assholes who don't understand (or care about) basic TCP/IP etiquette. It's not just spoofed packets, it's also spoofed BGP announcements. And freely allowing outbound port 25 access.

          (I noticed recently when I was setting up and testing SMTP auth on my own mail server that AT&T apparently now blocks outbound port 25 for dynamic IP users, hooray for them. It still works from my AT&T static IP, though.)

      • ACK Attack (Score:5, Informative)

        by iYk6 ( 1425255 ) on Monday July 27, 2009 @02:49AM (#28833855)

        So to stop a DDoS attack on a server, they remove any and all access to that server? Am I the only one seeing the irony here?

        The post you responded to is misleading. According to this: [], this was an ACK attack, which causes problems not only for the directly attacked host, but for other users as well.

        Ordinarily, a TCP connection is set up when you send a SYN packet to a website, such as 4chan, and then 4chan responds with a ACK, and then you respond again with a SYN-ACK.

        Here is how an ACK attack works. I, the attacker, will send a SYN packet to 4chan, but I am pretending to be you, or your IP address. 4chan then sends an ACK packet to you, excepting a SYN-ACK in response. However, you did not initiate the connection, so you send a RST back to 4chan (or nothing at all, depending on your firewall settings).

        Then I do it again. And again. I effectively flood both you and 4chan with meaningless traffic. Your traffic problems are even worse, because if you have a firewall blocking the RST packets, then 4chan will send you 4 ACK packets (depending on configuration) for every SYN packet I send them.

        In this case, AT&T and other ISPs decided that the simplest solution to ending this DOS against their users was to block packets to and from 4chan (or a specific part of 4chan).

        • The issue was reported on [] 16 hours ago. At no time, apparently, was access to slow. Also, at present the IP address connects directly to, as it should.

          So, AT&T, is not blocking, the company is only blocking some of its users. Check 4chan status []. Quote: "UPDATE: Some coverage on TechCrunch [], Digg [], reddit [], and Google News []. Also, note that AT&T has yet to contact us."
          • Is it possible this is just another 4chan prank?
            • YES. But I'm guessing this [] is not the whole story:

              But now 4chan's founder, Moot, has admitted the whole thing was kind of his fault.

              "For the past three weeks, 4chan has been under a constant DDoS attack," Moot wrote in an afternoon update. "We were able to filter this specific type of attack in a fashion that was more or less transparent to the end user. ... Unfortunately, as an unintended consequence of the method used, some Internet users received errant traffic from one of our network switches. A
        • Re: (Score:3, Interesting)

          by dublindan ( 1558489 )
          I'm in favour to transitioning away from TCP/IP towards SCTP []/IP personally. Any future network code I write will be based on SCTP instead of TCP, if I can get away with it. :-P Not only is it more resilient to SYN flooding than TCP is, but it gives me other nice possibilities like multiple streams per connection, multi-homing, the choice of ordered or unordered and the choice of reliable or unreliable. The disadvantage being that its not as widely used, so there may be some associated issues, though Linux,
      • Re: (Score:3, Insightful)

        by Opportunist ( 166417 )

        Mission Accomplished!

      • Re: (Score:2, Interesting)

        by EvanED ( 569694 )

        Am I the only one seeing the irony here?

        There are plenty of ways such a decision would make sense. For instance, population A ("the south") is DDoSing 4chan. In so doing, they are disrupting access for everyone everywhere, including population B ("the north"), population C ("europe"), and population D ("alpha proxima"). By cutting off access from population A, they have made things only marginally worse for population A (since they couldn't get to it anyway), but have 'fixed' the problem for populations B,

        • and population D ("alpha proxima").

          They might judge our culture and civilisation based on what they see of us (kinda like we judge ancient civilisations from what we find in old tombs). It could well be the sane thing to block their access to /b, for the sake of all humanity (and of course for great justice).

      • You could call it a quarantine.

      • Irony? I thought that's established practice now. After all, what was it again that we did we do to counter the threat of terrorists that want to establish an oppressive, all-controlling regime that wants to take away any and all of our liberties?

    • by toejam13 ( 958243 ) on Monday July 27, 2009 @02:07AM (#28833611)

      But, we've already sharpened the pitchforks and lit the torches.

      What are we supposed to do now?

    • by partyguerrilla ( 1597357 ) on Monday July 27, 2009 @02:09AM (#28833623)
      I don't know how credible this is [] But the IP specified there is the same for []
  • by yamamushi ( 903955 ) <<moc.liamg> <ta> <ihsumamay>> on Monday July 27, 2009 @02:06AM (#28833605) Homepage
    As of 1am CST, it looks like the block is beginning to be lifted : [] I can confirm access to open from the Austin/South Texas area now, whereas it wasn't about an hour ago.
    • Re: (Score:2, Insightful)

      by Venim ( 846130 )

      Sounds like they backed out pretty quickly. Probably the best move they could make (aside from not blocking 4chan in the first place).

      As for the DDoS claim by them, i say FUD. /b/ was just as slow as it always is.

      • Re: (Score:3, Informative)

        by Anonymous Coward

        You're an idiot... obviously there was a DOS going on.

        • Re: (Score:3, Interesting)

          by JWSmythe ( 446288 )

          Oh my gosh.. Not 4chan... What shall we do?

          Myself, I'm going on with my regular life, since I never went there anyways. :)

          But, since I was curious, I tried to go to their site from a Verizon FiOS line. Dead.

          This almost reminds me of the wonders of folks playing in IRC back in the day. One kid pisses off another kid, and suddenly folks are getting flooded off the network, and other various DoS attacks. SSDD.

          • Re: (Score:3, Interesting)

            Its not about 4chan, its about censorship. By ignoring this kind of thing we would only let ATT know that they can get away with it. I never visit 4chan but if it turns out that ATT really was trying to censor them then this story deserves all the publicity it can get.

            Of course if it really was just ATT's way of responding to a DDoS attack then perhaps everyone overreacted.

    • by stox ( 131684 )

      Same here. It was blocked since this afternoon, but is reachable now from AT&T DSL outside of Chicago.

  • Hooboy... (Score:5, Funny)

    by IonOtter ( 629215 ) on Monday July 27, 2009 @02:07AM (#28833609) Homepage

    This is going to be beyond epic. There's going to be movies made about this a hundred years from now. (It'll be a comedy/tragedy either way, or more probably both)

  • by BadAnalogyGuy ( 945258 ) <> on Monday July 27, 2009 @02:07AM (#28833613)

    The question is whether 4chan is the real problem or the reaction to 4chan is. /b/ is what it is and has been for quite a while. And the American Southern culture also has roots that go back at least 300 years. So in a battle for legitimacy, which one should take precedence over the other?

    We can talk about freedom of speech and such, but /b/ is home to content that is occasionally over the line illegal. On the other hand, only those who would actually seek it out would even know about it, so it doesn't make sense to "protect" the fair citizens of Hillbilly Valley by blocking the site.

    Raymond Bradbury wrote about this in his seminal work Farenheit 451. Once we start allowing the minority to exert power over the majority in the name of fairness and protection, we lose a critical pillar of our society. Censorship is the first step, but later it will be outright censure.

    Let's let that which is illegal stay illegal, and give everyone the benefit of full access, even if they don't want it. But I'm not from the South, so my cultural background doesn't lead me to the conclusion that censorship is better than freedom.

  • Net Neutrality (Score:2, Insightful)

    by SmarkWoW ( 1382053 )
    This is about Net Neutrality.

    Sure Anonymous is angry about being blocked by 15.5% of internet users, but this is only the first step. Most responses to this blockage are directed toward fighting net neutrality, NOT Anon attacking AT&T because their site was blocked.

    Anonymous is trying to fight this peacefully, they're not going to be DDoSing any DNS servers, backbone routers, or the like. They're going to be calling Customer Reps and complaining.

    This is a Net Neutrality issue, not a Internet Hate
    • Re: (Score:3, Funny)

      by Anonymous Coward

      First they came for the 4chan members, and I did not speak out,

      because I did not want to be labeled a child molester.

      Then they came for...

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Blocked for a portion (not all markets) of 15.5% of American Internet users

    • Re: (Score:3, Informative)

      by bipbop ( 1144919 )

      I have mod points, but I'm not using them, because there's no "-1 polite but very, very wrong" option.

      To be more specific, I laughed pretty hard at "Anonymous is trying to fight this peacefully, they're not going to be DDoSing any DNS servers, backbone routers, or the like." They're not one person, and they're not a body directed by an individual, and no one controls what the assholes do, so the best you can do is "Some people are urging others not to, and they may or may not care". Good luck with that ;-

      • Re:Net Neutrality (Score:5, Insightful)

        by SmarkWoW ( 1382053 ) on Monday July 27, 2009 @02:41AM (#28833831) Homepage
        I'd just like to point you to a few links explicitly discouraging users from taking illegal actions against this:

        ED Article [] Excerpts:
        "1. DON'T FUCK WITH THE LAW- We want to first make use of the rights we have, censorship is violating our rights."
        "Acting like an idiot and trying to DDoS them will only end with you being persecuted (and/or prosecuted), and your actions being used as a justification."
        "This battle is one we have to fight legally..."

        Insurgen Article []
        "Acting like a retard and trying to DDoS them will only end in them going [A QUOTE]"
        "Don't try to DDoS or do ANYTHING illegal or legally ambiguous to AT&T. This is a corporation with more resources, manpower, and preparation than anything you script kiddies have ever dealt with. You will be caught and prosecuted. Go through legal channels and reverse this using legitimate means."

        Those are just the ones in the windows I have open.

        Obviously there is no way to force someone not to do something, but the intentions are to solve this without any "damages".

        SpectralCoding []
      • Re: (Score:3, Insightful)

        by Opportunist ( 166417 )

        Thinking about all the "internet vigilante groups" that exist, Anonymous is maybe one of the better organized and better "behaved" ones. Actually it surprises me that they haven't been labeled a terrorist group yet, they act coherently and are not under any government's control...

        I think one of the reasons why this won't happen is that there's appearantly no "unspoken consensus" that DDoSing would be the right thing. You know, where you essentially say "stay within the law", but secretly everyone wished som

        • Re: (Score:3, Informative)

          by TuaAmin13 ( 1359435 )

          Actually it surprises me that they haven't been labeled a terrorist group yet

          Actually, they have []

          • Ok, so the label terrorist now officially means "any group not under government control"? Just checking, don't want to end up being in a terrorist group because my local group of garden gnome enthusiasts haven't filed for official club status...

        • Re: (Score:3, Informative)

          by Knara ( 9377 )
          Anonymous has an interesting, inconsistent filtering mechanism for the causes it chooses to champion (the only consistent cause that will be taken up is if someone acts against 4chan or /b/ itself). There's people who post asking for anonymous' help on a daily basis, which are met with replies of "(anonymous or /b/) is not your personal army". Any given incident is likely to feature entirely different groups of individuals, with entirely different ranges of skills.
    • Re: (Score:3, Interesting)

      by Myuu ( 529245 )

      I beg to differ, there is a difference between net neutrality and this, the larger issue of censorship.

    • Re: (Score:3, Insightful)

      by DurendalMac ( 736637 )
      Um, have you seen the threads on 4chan about this? Anon is going to fight this peacefully? Yeah, okay, sure, if by "peacefully" you mean "Make fake news stories that the AT&T CEO died to drop their stock price", then yeah.
  • Simmer Down Now. (Score:5, Informative)

    by ibaboon ( 582611 ) <> on Monday July 27, 2009 @02:13AM (#28833643) Homepage Journal
    The block is gone. It was for 4chans own good. They have been DDoSed for weeks. AT&T just stopped access for a short bit. Settle the heck down.
  • Idiots (Score:5, Insightful)

    by dbcad7 ( 771464 ) on Monday July 27, 2009 @02:21AM (#28833697)

    while some others suggest more drastic action (like cutting AT&T fiber)

    And eliminate ANY kind of access for themselves, and others who could care less about their problems.. Just as smart as having riots, burning down the grocery stores and then having no place to buy food.. Destruction as a form of protest only hurts themselves and other innocents.

  • Wrong way (Score:5, Funny)

    by gmuslera ( 3436 ) on Monday July 27, 2009 @02:27AM (#28833749) Homepage Journal
    There are smarter ways to disable 4chan, like this one []
  • I guarantee they're going to pull an "operation squirrel." That's where you cut tons of fibre with a dull tool so it looks chewed but you do so much that they know it was on purpose. People do that more than you think.
    • Re: (Score:3, Informative)

      by Xelios ( 822510 )
      I think you're confusing what you want to see happen with what actually will. Contrary to popular belief, most of the people over at 4chan aren't terrorists, I very much doubt they'll do anything IRL that might get them into serious legal trouble. Even if the chance of being caught is next to nothing, cutting someone's fiber is a few steps beyond what they normally do. Some of the smarter people there have already realized the best way to fight this is through legal means, calling their support lines, writi
    • Re: (Score:3, Funny)

      by dargaud ( 518470 )
      "Operation squirrel": spread peanut butter on your targets...
    • I'll quote Wikipedia on this one: "Citation needed." You have any evidence at all that this happens? For that matter, do you have any idea how fibre is run in the US? Here's a hint: It isn't on telephone poles, it is under ground. Also, it isn't as though it doesn't have a shield around it. These are not bare wires, they are run in thick bundles, which are then protected. They have to be strong since the term "pulling fibre" is not a casual one. It does actually get pulled through conduit and such and thus

  • The Rules? (Score:2, Funny)

    by Bazman ( 4849 )

    Someone broke rule 1 and rule 2 here. Slashdot post ending in 69 does rule 34 on timothy NAO!! Ahma chargin my slashdot layzars! CmdrTaco is now a meme. Ummm. Over 9000?

    Honestly, was the phrase "and nothing of value was lost" ever more appropriate?

  • Ham-fisted (Score:3, Funny)

    by kheldan ( 1460303 ) on Monday July 27, 2009 @03:02AM (#28833937) Journal
    Based on what I've been reading about this situation today (was away all of Saturday and most of today) it sounds to me like perhaps someone made what they thought was an insignificant decision to block access to a site they figured nobody really cared about anyway, overstepping their authority I'm sure, and started the shitstorm of the year. Now someone's supervisor has heard about it (probably 3rd hand) and after ripping that person a new asshole, has made them start backing off the blocks. Wouldn't be surprised if someone at AT&T gets fired just to throw some meat to the wolves in the hopes this will all go away. BTW nice ham-fisted attempt to stem the tide of a DDoS botnet, dumbasses.
  • "...while some others suggest more drastic action (like cutting AT&T fiber)."

    *sniff*wipes tear from eye*

    Humanity. You make me so proud.

  • by nilbog ( 732352 ) on Monday July 27, 2009 @03:34AM (#28834101) Homepage Journal

    In other news: AT&T pokes bees nest while wearing meat suit in hungry tiger cage.

  • There are ways to block DOS attacks other than killing all legitimate website traffic. Alternative scenarios: Skynet? Something went wrong in the Black Mesa Research Facility? Bored at work pranksters in the AT&T central office? Secret CIA plot?
  • If, as appears to be the case, AT&T are actively censoring a site won't this in effect remove their common carrier status so leaving them open to being liable to be prosecuted for any questionable material of any nature which is carried on their network (either to an end user on their network, from a server on their network or traffic routed over their network to/from non-AT&T network end points)...

  • AT&T DSL user here. (Score:3, Informative)

    by Alex Belits ( 437 ) * on Monday July 27, 2009 @05:08AM (#28834485) Homepage

    I can confirm that and are unreachable from my home DSL (AT&T/Yahoo in Northern California). Everything works fine once I have routed through OpenVPN over a non-AT&T network.

  • by LackThereof ( 916566 ) on Monday July 27, 2009 @05:47PM (#28844227)

    moot has posted the details on [].

    Basically he confirms all the speculation that AT&T blocked 4chan because of ACK bouncebacks from a DDOS. Real /b/tards probably already had off-network proxies at the ready to deal with it.

    Also, being on AT&T and unable to access 4chan doesn't necessarily mean that it's been blocked. 4chan is up and down all the time, because they're under constant DDOS attacks, at pretty much all times, from various sources. It seems that DDOSing 4chan is a basic holding pattern for botnets that aren't otherwise occupied.

    Here's what happened:

    For the past three weeks, 4chan has been under a constant DDoS attack. We were able to filter this specific type of attack in a fashion that was more or less transparent to the end user.

    Unfortunately, as an unintended consequence of the method used, some Internet users received errant traffic from one of our network switches. A handful happened to be AT&T customers.

    In response, AT&T filtered all traffic to and from our IPs (which serve /b []/ & /r9k/) for their entire network, instead of only the affected customers. AT&T did not contact us prior to implementing the block. Here is their statement regarding the matter [].

    In the end, this wasn't a sinister act of censorship, but rather a bit of a mistake and a poorly executed, disproportionate response on AT&T's part. Whoever pulled the trigger on blackholing the site probably didn't anticipate [nor intend] the consequences of doing so.

    We're glad to see this short-lived debacle has prompted renewed interest and debate over net neutrality and internet censorshipâ"two very important issues that don't get nearly enough attentionâ"so perhaps this was all just a blessing in disguise.

    Aside from that, I'll also add that there is some big news due later this week. Keep an eye on the News page, Twitter, and global message for updates.

    As always, I can be reached at


    PS: If any companies would like to hook us up with some better hardware, feel free! The architecture we've got powering this large and influential beast is really quite embarrassing. ( ._.)

  • Security Officer (Score:3, Interesting)

    by CmdrPorno ( 115048 ) on Tuesday July 28, 2009 @08:18AM (#28850141)

    Can you imagine being in charge of AT&T's security? I bet they are now having to monitor every post on /b/ for threats against AT&T.

    Job description: "Reading posts about testicles and lolcats. Looking at pictures of naked women."

You are in a maze of little twisting passages, all different.