[tor-talk] ISP CenturyLink Blocking Tor?

Max Bond max.o.bond at gmail.com
Mon Feb 2 00:45:23 UTC 2015 

Oops, typo.

What I meant to say was I scanned about twenty-five thousand hosts for
Heartbleed.

On Sun, Feb 1, 2015 at 5:43 PM, Max Bond <max.o.bond at gmail.com> wrote:

> Hello,
>
> I've been using CenturyLink for ADSL in the US for five or six years
> (coincidentally this is my last day with them, so I probably won't be able
> to do much testing), and I have never had a problem using Tor; as soon as I
> saw this thread, I fired up Tor Browser and accessed a few websites. I
> didn't use pluggable transports and everything went smoothly.
>
> I can confirm that restarting the router changes the IP address, and that
> they have some level of remote management (I've noticed them installing
> firmware updates to my router.)
>
> I've never heard of this "protection program" but I doubt its the cause.
> I've never known it to be zealous, let alone overzealous; I scanned about
> twenty-five thousand, multiple times, to gather statistics. I never heard a
> peep out of
> them. I imagine that they'd watch for large volumes of obvious attack
> traffic before they targeted Tor, from a malware perspective.
>
> All that being said, perhaps this is a regional difference.
>
> Hope that helps,
> Max
>
>
> On Sun, Feb 1, 2015 at 4:59 PM, Ben Tasker <ben at bentasker.co.uk> wrote:
>
>> > This policy document talks about botnet and virus infections, so it
>> doesn't seem relevant to OP's friend, because tor and torrent clients are
>> neither.
>>
>> As it has been known for some infections to establish a connection back to
>> their C&C via Tor, it's not inconceivable an ISP (or more likely,
>> who-ever's providing their kit) might apply a policy which could
>> (deliberately or otherwise) wind up blocking Tor. Whether Tor is malware
>> has no real bearing, what matters is whether it's traffic is perceived as
>> such by the ISP
>>
>> I missed the part about the torrent client, though it sounds like the
>> behaviour was slightly different. In either case though, the OP's
>> description makes it sound like the external connection dropped in it's
>> entirety - for any kind of filtering/blocking that's massive overkill. If
>> you were being restricted to a walled garden, outside connectivity might
>> appear unavailable unless you were going to a whitelisted IP.
>>
>> On my (UK) ISP, a reboot of the router pretty much guarantees a new IP,
>> though I have also been with providers where that wasn't the case.
>>
>> On Sun, Feb 1, 2015 at 11:43 PM, Yuri <yuri at rawbw.com> wrote:
>>
>> > On 02/01/2015 15:24, Ben Tasker wrote:
>> >
>> >> Looking at their info page -
>> >>
>> http://www.centurylink.com/Pages/AboutUs/Legal/InternetServiceManagement/
>> >> -
>> >> it seems Century Link run what they call a Protection Program.
>> >>
>> >> If they detect (what they consider to be) potentially malicious
>> traffic,
>> >> the connection gets put in a walled garden to notify the end user.
>> >>
>> >
>> > This policy document talks about botnet and virus infections, so it
>> > doesn't seem relevant to OP's friend, because tor and torrent clients
>> are
>> > neither.
>> >
>> >  As others have said, rebooting the router would likely have acquired a
>> new
>> >> IP, so effectively cancelling a block.
>> >>
>> >
>> > Not familiar with CenturyLink, but with Comcast digital cable only
>> > rebooting with changed client MAC address would cause an IP change.
>> > Otherwise IP is very persistent.
>> >
>> >
>> > Yuri
>> >
>> > --
>> > tor-talk mailing list - tor-talk at lists.torproject.org
>> > To unsubscribe or change other settings go to
>> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>> >
>>
>>
>>
>> --
>> Ben Tasker
>> https://www.bentasker.co.uk
>> --
>> tor-talk mailing list - tor-talk at lists.torproject.org
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>
>

More information about the tor-talk mailing list