User comments on ISPs
  >> Virgin Media (Cable)


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | [2] | 3 | >> (show all)   Print Thread
Administrator MrSaffron
(staff) Sat 17-Mar-18 11:26:24
Print Post

Re: VM blocking Netflix?


[re: 23Prince] [link to this post]
 
if Virgin Media was blanket blocking port 443 then web browsing would be broken for many sites, and no-one would be doing online banking so clearly this is incorrect info or only affecting Netflix e.g. a problem with the CDN

The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
Standard User jchamier
(eat-sleep-adslguide) Sat 17-Mar-18 11:34:05
Print Post

Re: VM blocking Netflix?


[re: MrSaffron] [link to this post]
 
In reply to a post by MrSaffron:
if Virgin Media was blanket blocking port 443 then web browsing would be broken for many sites, and no-one would be doing online banking so clearly this is incorrect info or only affecting Netflix e.g. a problem with the CDN

Reminds me of the 1999 to 2002 era with NTL cable where they "played" with proxy caches. Often if the proxy went down all web (80 and 443) would fail, even though 443 couldn't be cached.

For capacity reasons the VM domestic network will be regional, and it could be a fault in a regional centre.

plusnet unlimited fibre 80/20 - 2 Jun 14 - Sync at 21/Oct/17: 63,430/9,688 - G.INP & 2.6 dB SNRm
19 years broadband since 1999's ntl:cable modem trial - Now using Asus RT-AC88U with BT HG612 - BQM
Standard User 23Prince
(fountain of knowledge) Sat 17-Mar-18 16:09:12
Print Post

Re: VM blocking Netflix?


[re: MrSaffron] [link to this post]
 
In reply to a post by MrSaffron:
if Virgin Media was blanket blocking port 443 then web browsing would be broken for many sites, and no-one would be doing online banking so clearly this is incorrect info or only affecting Netflix e.g. a problem with the CDN


Exactly what I was thinking - 443 is SSL full stop.


Register (or login) on our website and you will not see this ad.

Standard User jchamier
(eat-sleep-adslguide) Sat 17-Mar-18 16:15:24
Print Post

Re: VM blocking Netflix?


[re: 23Prince] [link to this post]
 
In reply to a post by 23Prince:
Exactly what I was thinking - 443 is SSL full stop.

Er, to be accurate, 443 is secure HTTP (https). SSL is obsolete and insecure, replaced by TLS, and hopefully 1.1 or better version 1.2. You can easily use TLS on any other protocol, such as POP or IMAP as well.

plusnet unlimited fibre 80/20 - 2 Jun 14 - Sync at 21/Oct/17: 63,430/9,688 - G.INP & 2.6 dB SNRm
19 years broadband since 1999's ntl:cable modem trial - Now using Asus RT-AC88U with BT HG612 - BQM
Standard User 23Prince
(fountain of knowledge) Sat 17-Mar-18 16:29:15
Print Post

Re: VM blocking Netflix?


[re: jchamier] [link to this post]
 
In reply to a post by jchamier:
In reply to a post by 23Prince:
Exactly what I was thinking - 443 is SSL full stop.

Er, to be accurate, 443 is secure HTTP (https). SSL is obsolete and insecure, replaced by TLS, and hopefully 1.1 or better version 1.2. You can easily use TLS on any other protocol, such as POP or IMAP as well.


right okay well - same thing to me.
Standard User ukhardy07
(knowledge is power) Sat 17-Mar-18 17:04:28
Print Post

Re: VM blocking Netflix?


[re: 23Prince] [link to this post]
 
In reply to a post by 23Prince:
In reply to a post by jchamier:
In reply to a post by 23Prince:
Exactly what I was thinking - 443 is SSL full stop.

Er, to be accurate, 443 is secure HTTP (https). SSL is obsolete and insecure, replaced by TLS, and hopefully 1.1 or better version 1.2. You can easily use TLS on any other protocol, such as POP or IMAP as well.


right okay well - same thing to me.
SSL is deprecated. There's a large difference between SSLv2 and TLSv1.2. From a security perspective SSL versions should not be used. We regard the use of SSLv2/v3 a High Risk finding for client work, which is the same risk ranking we give transmission of usernames and passwords over HTTP (ie no encryption) or management of a network device over TELNET (again no encryption). In effect we are saying use of these legacy protocols is akin to not encrypting what-so-ever and often times worse since it can give a false sense of security and lure a user into entering a password / username they would not enter on an unencrypted form.

Edited by ukhardy07 (Sat 17-Mar-18 17:05:49)

Standard User 23Prince
(fountain of knowledge) Sat 17-Mar-18 18:39:34
Print Post

Re: VM blocking Netflix?


[re: ukhardy07] [link to this post]
 
yup.. ok
Standard User Saltank
(committed) Sun 18-Mar-18 11:10:29
Print Post

Re: VM blocking Netflix?


[re: MrSaffron] [link to this post]
 
It didn't seem like all packets over 443 were being blocked, just the encrypted ones, and the ones which I thought were directly trying to display content from Netflix' local servers at Virgin Media's locations all over London. For example ipv4-c016-rom001-ix....... and occ-0-784-778.1.nflxs....... Here's a screenshot

Netflix said they have had issues with the SuperHub 3.0 in particular but I think it's up to me now to chase Virgin Media for a resolution as they don't know what to do it seems.

Administrator MrSaffron
(staff) Sun 18-Mar-18 12:05:42
Print Post

Re: VM blocking Netflix?


[re: Saltank] [link to this post]
 
"It didn't seem like all packets over 443 were being blocked, just the encrypted ones"

If that was the case then online banking would not work, since it relies on HTTPS transport over 443 as well as many other things.

If somehow they are blocking encrypted 443 packets for just one service, that might suggest some interception and certificate checking. Or a certificate is invalid, i.e. out of date

The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
Standard User Saltank
(committed) Sun 18-Mar-18 19:49:02
Print Post

Re: VM blocking Netflix?


[re: MrSaffron] [link to this post]
 
The certificates (or at least one of them!) seems to check out

And if it was a problem then wouldn't all users be having the same issue? :/

Still haven't had time to call VM and find out what's going on, a week ago they promised it will work today. Alas it hasn't been resolved, obviously.

Pages in this thread: 1 | [2] | 3 | >> (show all)   Print Thread

Jump to