Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
CircleID recently interview Paul Vixie, Founder & Chairman of Internet Software Consortium (ISC), to discuss ISC's newly formed Operations, Analysis, and Research Center (OARC). OARC is launched in response to DDoS attacks at the Internet's core infrastructure and the vital requirement for a formal coordination system. OARC is also a part of US homeland security initiatives, such as the formation of Information Sharing and Analysis Centers (ISACs).
"Registries and registrars, ccTLD operators, large corporate NOCs, ISPs and ecommerce companies that host many domain names are all likely candidates. This is also a natural for law enforcement groups that are worried about attacks on the Internet." more
There are indications that the Internet, at least the Internet as we know it today, is dying. I am always amazed, and appalled, when I fire up a packet monitor and watch the continuous flow of useless junk that arrives at my demarcation routers' interfaces. That background traffic has increased to the point where it makes noticeable lines on my MRTG graphs. And I have little reason for optimism that this increase will cease. Quite the contrary, I find more reason to be pessimistic and believe that this background noise will become a Niagara-like roar that drowns the usability of the Internet. And the net has very long memory... more
After attending the afternoon ICANN Security & Stability Committee meeting, I realized that the issues involved fall into several related but independent dimensions. Shy person that I am *Cough*, I have opinions in all, but I think it's worthwhile simply to be able to explain the Big Picture to media and other folks that aren't immersed in our field. In these notes, I'm trying to maintain neutrality about the issues. I do have strong opinions about most, but I'll post those separately, often dealing with one issue at a time. more
ICANN today has made a formal demand stating: "Given the magnitude of the issues that have been raised, and their potential impact on the security and stability of the Internet, the DNS and the .com and .net top level domains, VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations." What follows is a collection of commentaries made around the net and by experts in response to today's announcement...
more
We Internet users, who either own domain names or have an interest in the domain name system, wish to object to the VeriSign's Site Finder system. We believe that the system: 1) Breaks technical standards, by rewriting the expected error codes to instead point to VeriSign's pay-per-click web directory, and threatens the security and stability of the Internet; 2) Breaks technical standards affecting email services, and other Internet systems... more
The Internet, ultimately, is a fragile thing, as an entity. It depends upon the consensus of those responsible for its infrastructure to operate on a daily basis. Because of the inherent robustness as a technical architecture, there is no entity that can "break the Internet" in the sense of stopping the flow of traffic, but there are several entities that can create a variety of inconveniences, some minor and some serious, for the millions who use the Internet. more
The Internet Corporation for Assigned Names and Numbers (ICANN) has released an "Advisory" concerning VeriSign's deployment of DNS wildcard (Site Finder) service: "Since the deployment, ICANN has been monitoring community reaction, including analysis of the technical effects of the wildcard, and is carefully reviewing the terms of the .com and .net Registry Agreements. In response to widespread expressions of concern from the Internet community about the effects of the introduction of the wildcard..." more
A harmful, highly unilateral and capricious action. Tons of software out there depended on the ability to tell the difference between a domain name which exists and does not. They use that to give a meaningful, locally defined error to the user, or to identify if an E-mail address will work or not before sending the mail. Many used it as a way to tag spam (which came from domains that did not exist). It is the local software that best knows how to deal with the error. more
This is a special two-part series article providing a distinct and critical perspective on Internet Protocol Version 6 (IPv6) and the underlying realities of its deployment. The first part gives a closer look at how IPv6 came about. This part exposes the myths.
Good as all this is, these attributes alone have not been enough so far to propel IPv6 into broad-scale deployment, and consequently there has been considerable enthusiasm to discover additional reasons to deploy IPv6. Unfortunately, most of these reasons fall into the category of myth, and in looking at IPv6 it is probably a good idea, as well as fair sport, to expose some of these myths as well. more
This is a special two-part series article providing a distinct and critical perspective on Internet Protocol Version 6 (IPv6) and the underlying realities of its deployment. The first part gives a closer look at how IPv6 came about and the second part exposes the myths.
In January 1983, the Advanced Research Projects Agency Network (ARPANET) experienced a "flag day," and the Network Control Protocol, NCP, was turned off, and TCP/IP was turned on. Although there are, no doubt, some who would like to see a similar flag day where the world turns off its use of IPv4 and switches over to IPv6, such a scenario is a wild-eyed fantasy. Obviously, the Internet is now way too big for coordinated flag days. The transition of IPv6 into a mainstream deployed technology for the global Internet will take some years, and for many there is still a lingering doubt that it will happen at all. more
The IPv6 Forum, the North American IPv6 Task Force, and Charmed Technology, Inc. today announced that the U.S. IPv6 Summit 2003 will be held December 8 - 11, 2003 in Arlington, VA, at the Doubletree Crystal City. The U.S. IPv6 Summit 2003 will focus on deployment, technical depth of key IPv6 features, and applications or services of Internet Protocol version 6 (IPv6). more
A recent study by researchers at the Cooperative Association for Internet Data Analysis (CAIDA) at the San Diego Super Computer Center (SDSC) revealed that a staggering 98% of the global Internet queries to one of the main root servers, at the heart of the Internet, were unnecessary. This analysis was conducted on data collected October 4, 2002 from the 'F' root server located in Palo Alto, California.
The findings of the study were originally presented to the North American Network Operators' Group (NANOG) on October 2002 and later discussed with Richard A. Clarke, chairman of the President's Critical Infrastructure Protection Board and Special Advisor to the U.S. President for Cyber Space Security. more
I was a witness at the two prior hearing, one in 2001 and another in 2002 - it's quite an experience.
My submission to this year's hearing is online at http://www.cavebear.com/rw/senate-july-31-2003.htm
What's going to be said by the witnesses? I don't know. But I have some guesses... more
Some individual appears to have hijacked more than a 1,000 home computers starting in late June or early July and has been installing a new Trojan Horse program on them. The Trojan allows this person to run a number of small websites on the hijacked home computers. These websites consists of only a few web pages and apparently produce income by directing sign-ups to for-pay porn websites through affiliate programs. Spam emails messages get visitors to come to the small websites.
To make it more difficult for these websites to be shut down, a single home computer is used for only 10 minutes to host a site. After 10 minutes, the IP address of the website is changed to a different home computer... more
IPv6 advocacy has been tainted by FUD and half-truth. CommsWorld recently interviewed Juniper's Jeff Doyle, who is a strong supporter of IPv6 -- but who also has little patience for IPv6 mythology. Forget security, half-true address crises and QoS: the best reason for the world to run with IPv6 is what's driven the Internet all along -- innovation. more
A World-Renowned Source for Internet Developments. Serving Since 2002.