New and interesting network abuse.

My apologies if this strays off topic, but I wanted to share my recent

We had a collocation customer come in and request a t1 of pots lines for
their servers, then complaints that their "security" software wasn't
working because of our RPF checks. As it turns out they were dialing up
to a local isp, and sending bulk email using our bandwidth, but the
dial-up's ip.... And receiving the TCP ack on the dial up.

Very ingenious imho, but I'm not sorry it didn't work out.

Anyone else seen this before?


Thread that I just started yesterday about port 25 blocking and if
more ISPs werent doing this bidirectionally.

Which is what your local ISP, and other ISPs that have dialup pools, must do.


Its not new. In fact, its so not new, I think those involved could quite
happily believe its very clever. :slight_smile: