We regularly check the status of IPv6 deployment in the RIPE NCC service region, and in other service regions as well. One way to measure IPv6 deployment is to look at the percentage of networks announcing IPv6 prefixes and follow the developments over time. The RIPE NCC's IPv6-ASN graph shows the percentage of networks that announce one or more IPv6 prefixes in the global routing system. Having an IPv6 prefix visible in the global routing system is a required step for a network to actually start exchanging IPv6 traffic with other networks. more
Before the experiment has gotten off the ground, some critics have expressed concern about applications to operate domains referring to a "generic" product or service, like .car, .book, or .app. News reports indicate that Microsoft and other Google competitors have filed complaints about Google's applications, while authors' organizations have raised questions about some of Amazon's applications. These complaints assert that giving these applicants the right to operate these new domains would provide an unfair competitive advantage. more
The numbers are big. Official figures quoted at the recent 21st annual China Content and Broadcasting Network (CCBN) conference indicate that China has 400 million TV households, of which 210 million subscribe to cable TV (CATV). Of these cable subscribers, 140 million receive digital service while the rest are still on analog systems. This means that the country's CATV network is still largely a one-way network, limiting the growth of on-demand and interactive services. more
This article is a copy of a letter sent today, 3 of April 2013, to the attention of Mr Fadi Chehadé, CEO of ICANN and other members of the ICANN board. Protecting wine Geographical Indications in the new gTLD program is a problem. This letter is also an article providing hints for the protection of Wine Geographical Indications in the ICANN new gTLD program. more
Three vectors were exploited in the recent DDoS attack against Spamhaus: 1) Amplification of DNS queries through the use of DNSSEC signed data; 2) Spoofed source addresses due to lack of ingress filtering (BCP-38) on originating networks; 3) Utilisation of multiple open DNS resolvers While. 1) is unavoidable simply due to the additional data that DNSSEC produces, and 2) "should" be practised as part of any provider's network configuration, it is 3) that requires "you and I" ensure that systems are adequately configured. more
There has been plenty of buzz and chatter on the Internet recently concerning a very large DDoS attack against CloudFlare, with coverage on their blog, the New York Times, and the BBC, among many others. While attacks of this nature are certainly nothing new, the scale of this attack was surprising, reported to hit 120Gbps. For a sense of scale, your average cable modem is only about 20Mbps, or about 0.016% of that bandwidth. more
How will the business of existing top-level domains (TLDs) be impacted by the new gTLDs? Someone asked me this simple question and I was very surprised to see that my online searches couldn't easily find many detailed articles or research related to that point. more
The 7th meeting of the UN Broadband Commission in Mexico City was again a good combination of announcements about new plans, results of previously undertaken activities, and views on the future of broadband. Very noticeable was the enthusiasm and acknowledgement of the impact of ICT, and of broadband in particular. In September 2012 the Commission launched its working group on gender equality. Research undertaken by the various members of the workgroup provided somewhat similar results. more
Culminating a year-long policy development process, ICANN today launched its new Blocking Usage Review Panel (BURP). The BURP provides long-needed oversight over services that block Internet traffic. "While everyone understands that national laws such as the U.S. CAN SPAM define what traffic is or is not elegible to block, legal processes can be slow and cumbersome," said a spokeswoman. "Since the Internet is global and traffic often traverses multiple countries, the array of different laws cause uncertainty." more
Yesterday Verisign sent ICANN a most interesting white paper called New gTLD Security and Stability Considerations. They also filed a copy with the SEC as an 8-K, a document that their stockholders should know about, It's worth reading the whole thing, but in short, their well-supported opinion is that the net isn't ready for all the new TLDs, and even if they were, ICANN's processes or lack thereof will cause other huge problems. more
If you haven't been reading the news of late, venerable anti-spam service Spamhaus has been the target of a sustained, record-setting Distributed Denial-of-Service (DDoS) attack over the past couple of weeks... Of course, bad guys are always mad at Spamhaus, and so they had a pretty robust set-up to begin with, but whoever was behind this attack was able to muster some huge resources, heretofore never seen in intensity, and it had some impact, on the Spamhaus website, and to a limited degree, on the behind-the-scenes services that Spamhaus uses to distribute their data to their customers. more
Last year there was a "threat" by anonymous group to black out Internet by using DNS Reflection/Amplification attack against the Internet DNS Root servers. I even wrote a little article about it: "End of the world/Internet". In the article I was questioning if this was even possible and what was needed as general interest and curiosity. Well, looking at the "stophaus" attack last week, we are getting some answers. more
For those of you interested in IPv6 and/or DNSSEC, we'll have a live webcast out of the Internet Society's ION Singapore conference happening tomorrow, March 28, 2013, starting at 2:00pm Singapore time. more
As attack vectors go, very few are as significant as obtaining the ability to insert bespoke code in to an application and have it automatically execute upon "inaccessible" backend systems. In the Web application arena, SQL Injection vulnerabilities are often the scariest threat that developers and system administrators come face to face with (albeit way too regularly). more
The results of an excellent study made, for reasons that will become clear, by an anonymous author reaches this conclusion... The problem is, to make the study, the author created a botnet - that is he wrote a small program that took advantage of insecure devices to enlist additional machines to help in the study. more
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byCSC
Sponsored byRadix