IPv4 Markets



Everything You Need to Know About IPv4 vs. IPv6

The Hidden Value of IPv4 Addresses and How to Take Advantage of Rising IPv4 Address Value

IPv4 Markets / Recently Commented

Defending Networks Against DNS Rebinding Attacks

DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more

Transition to IPv6 Address

Last month's column looked at the exhaustion of the IPv4 unallocated address pool and the state of preparedness in the Internet to grapple with this issue... There has been a considerable volume of discussion in various IPv6 and address policy forums across the world about how we should respond to this situation in terms of development of address distribution policies. Is it possible to devise address management policies that might both lessen some of the more harmful potential impacts of this forthcoming hiatus in IPv4 address supply, and also provide some impetus to industry to move in the originally intended direction to transition into an IPv6 network? more

Scarcity of IPv4 Addresses

My friend Kurtis writes in his blog some points he has been thinking of while discussing "when we run out of IPv4 addresses". In reality, as he points out so well, we will not run out. It will be harder to get addresses. It is also the case that unfortunately people that push for IPv6 claim IPv6 will solve all different kinds of problem. Possibly also the starvation problems in the world... more

IPv6 for the Rest of Us

IPv6 deployment is in a chicken and egg situation. On the one hand, there is no willingness from ISPs and commodity DNS router manufacturers to include IPv6 support in their infrastructure or equipment because "there is no demand". On the other hand, there is no demand because the average Joe Blow could not care less if he accesses a web site under IPv4 or IPv6. It should just work. The equipment and infrastructure should adapt transparently... What we users can do is to stop waiting for the industry to get its act together and work around its limitations... more

The End of the (IPv4) World is Nigher!

Funny how some topics seem sit on a quiet back burner for years, and then all of a sudden become matters of relatively intense attention. Over the past few weeks we've seen a number of pronouncements on the imminent exhaustion of the IP version 4 address pools. Not only have some of the Regional Internet Registries (RIRs) and some national registry bodies made public statements on the topic, we've now seen ICANN also make its pronouncement on this topic... Why the sudden uptake of interest in this topic? I suspect that a small part of this may be my fault! more

What Prevents IPv6 Deployment in Europe

ZDNet UK has an article on IPv6 and what may slow down its deployment. Jay Daley, from Nominet points out to the fact that the current IPv6 allocation policy used by RIPE NCC is geared towards ISPs. This is a complaint I have heard time and time again. Under the current policy, you have to show to RIPE NCC that you are going to allocate 200 address blocks to your customers before you are allocated a /32 block. Obviously, a large corporate network cannot afford to renumber every time it switches ISPs... more

More IPv6 Warnings on Why Organizations Must Plan Transition Now

The IPv6 Portal reports on a paper titled "The Choice: IPV4 Exhaustion or Transition to IPv6", written by Jordi Palet, warning that organizations must start planning for IPv6 now or "be aware that some already have, and you are beginning to be at a disadvantage." From the report: "This is going to affect the business of existing Internet Service Providers (ISPs) and to a greater extent, at a certain point in time, the creation of new ISPs. As a consequence if may have a deeper impact in developing regions (Africa, Asia and Latin America/Caribbean) where the penetration of the Internet is not yet so widespread." more

ARIN Provides Latest Word on Need to Move to IPv6: Will Anyone Heed the Warning? (Does anyone care?)

NetworkWorld is running an article today that talks about the announcement from ARIN (the American Registry for Internet Numbers) of the ARIN Board resolution calling upon ARIN to no longer be "neutral" in the IPv4 vs IPv6 space and instead work to actively encourage migration to IPv6... Until now, ARIN and the other RIRs have generally been fairly neutral in the IPv4 versus IPv6 debate and have not shown a preference in allocation, but this announcement from ARIN shows the first signs of change. more

Ongoing Internet Emergency and Domain Names

There is a current ongoing Internet emergency: a critical 0day vulnerability currently exploited in the wild threatens numerous desktop systems which are being compromised and turned into bots, and the domain names hosting it are a significant part of the reason why this attack has not yet been mitigated. This incident is currently being handled by several operational groups. This past February, I sent an email to the Reg-Ops (Registrar Operations) mailing list. The email, which is quoted below, states how DNS abuse (not the DNS infrastructure) is the biggest unmitigated current vulnerability in day-to-day Internet security operations, not to mention abuse. more

Addressing the Future Internet

What economic and social factors are shaping our future needs and expectations for communications systems? This question was the theme of a joint National Science Foundation (NSF) and Organisation for Economic Co Operation and Development (OECD) workshop, held on the 31st January of this year. The approach taken for this workshop was to assemble a group of technologists, economists, industry, regulatory and political actors and ask each of them to consider a small set of specific questions related to a future Internet. Thankfully, this exercise was not just another search for the next "Killer App", nor a design exercise for IP version 7. It was a valuable opportunity to pause and reflect on some of the sins of omission in today's Internet and ask why, and reflect on some of the unintended consequences of the Internet and ask if they were truly unavoidable consequences... more

IP Address Intelligence Burdening Content Providers with Regional Laws?

I've been looking into IP address filtering by content providers. I understand that IP addresses can be attached with confidence to geographical locations (at the country level, at least) about 80% of the time. You have to make up the rest with heuristics. So there are companies that are in the business of packaging those geolocation heuristics for sites. ...How widely are these services used? ...does it now make sense to put content sites to the burden of complying with the laws applicable to the people/machines they know are visiting them? more

Internet Zombies

Today on Dave Farber's IP list, someone revived the ancient argument that ICANN imposes limits on the number of top level domains (TLDs) because to have more than a few will cause DNS to wobble and cause the internet to collapse. Although long discredited, that argument hangs around like a zombie. ICANN has never been able to adduce a shred of proof that there is anything to support that assertion... more

Map of the Internet: The IPv4 Space of 2006

An intersecting representation of the IP Address space on a plane using a fractal mapping that preserves grouping... Section of the map also shows the blocks sold directly to corporations and governments in the 1990's before the RIRs took over allocation. more

IPv6: Extinction, Evolution or Revolution?

For some years now the general uptake of IPv6 has appeared to be "just around the corner". Yet the Internet industry has so far failed to pick up and run with this message, and it continues to be strongly reluctant to make any substantial widespread commitment to deploy IPv6. Some carriers are now making some initial moves in terms of migrating their internet infrastructure over to a dual protocol network, but for many others it's a case of still watching and waiting for what they think is the optimum time to make a move. So when should we be deploying IPv6 services? At what point will the business case for IPv6 have a positive bottom line? It's a tough question to answer, and while advice of "sometime, probably sooner than later" is certainly not wrong, it's also entirely unhelpful as well! more

Worm Propagation Strategies in an Ipv6 Internet

A recent paper called "Worm Propagation Strategies in an IPv6 Internet", written by Steven M. Bellovin, Angelos Keromytis, and Bill Cheswick, examines whether or not the deployment of IPv6 will in fact provide a substantial level of barrier against worms. Shared below are the introductory paragraphs from this paper. "In recent years, the internet has been plagued by a number of worms. One popular mechanism that worms use to detect vulnerable targets is random IP address-space probing..." more