Mark's contact forward the inquiry to a Mr. G. who works as Associate Director for Customer Appeals, AT&T Office of the President. After receiving a detailed synopsis, Mr. G. looked into it and replied the same working day (!):
Mr.
Geiger:
What
I have learned is whenever someone comes across a situation where their IP has
been blocked then you should receive a message basically stating “The website
you are trying to reach is hosted on a server that has been compromised and was
involved in malicious activity. AT&T has blocked the IP address on our
network”. I am not sure what type of message you received, but the
easiest way to address this in the future is by calling our U-verse Care center
who is equipped to assist you with this matter. Their number is
1-800-288-2020 and if needed they can engage extra support to handle this type
of issue. We do also have directions on how to identify the vulnerability so
you as the hosting provider can contact noc@att.net and specify the IP address being
blocked for instructions on how to remove the vulnerability and get the block
lifted. Please let me know if this addresses your concern and should you
have any additional questions please let me know. Thank you!
Thank you too, Mr G, for a prompt response! Points to the AT&T and the U-verse team.
Alas, no message as noted above appeared. What triggered the block and what the trigger thresholds are remain unclear. Why is perfectly understandable: so baddies cannot circumvent them. Perhaps it was a glitch in the attack detection software? This block is the first seen in nearly five years of solid and reliable U-verse service and three years of using HostMonster.
The workaround is to have a small script monitor hosts and raise an alarm should they suddenly become unpingable via AT&T's network.
Many thank to Mark, too. I owe you lunch. We gotta go to that place I keep telling you about in Santa Paula.
Posts
No comments:
Post a Comment