Most of our IPv6 Security Myths are general notions, often passed on unwittingly between colleagues, friends, conference attendees, and others. Today's myth is one that most often comes specifically from your vendors or suppliers. Whether it's a hardware manufacturer, software developer, or Internet Service Provider (ISP), this myth is all about trust, but verify. more
This week's myth is interesting because if we weren't talking security it wouldn't be a myth. Say what? The phrase "96 more bits, no magic" is basically a way of saying that IPv6 is just like IPv4, with longer addresses. From a pure routing and switching perspective, this is quite accurate. OSPF, IS-IS, and BGP all work pretty much the same, regardless of address family. Nothing about finding best paths and forwarding packets changes all that much from IPv4 to IPv6. more
Here we are, half-way through this list of the top 10 IPv6 security myths! Welcome to myth #6. Since IPv6 is just now being deployed at any real scale on true production networks, some may think that the attackers have yet to catch up. As we learned in Myth #2, IPv6 was actually designed starting 15-20 years ago. While it didn't see widespread commercial adoption until the last several years, there has been plenty of time to develop at least a couple suites of test/attack tools. more
Here we are, all the way up to Myth #4! That makes this the 4th installment of our 10 part series on the top IPv6 Security Myths. This myth is one of my favorite myths to bust when speaking with folks around the world. The reason for that is how many otherwise well-informed and highly experienced engineers, and others, hold this myth as truth. It's understandable, really. more
Time for another annual roundup from the world of IP addresses. What happened in 2014 and what is likely to happen in 2015? This is an update to the reports prepared at the same time in previous years. So lets see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. more
Now that IPv6 is being actively deployed around the world, security is more and more a growing concern. Unfortunately, there are still a large number of myths that plague the IPv6 security world. These are things that people state as fact but simply aren't true. While traveling the world, talking to the people who've already deployed IPv6, I've identified what I believe are the ten most common IPv6 security myths. more
This year I didn't even get a good picture of our famous Christmas goat here in the city of Gavle Sweden. The Christmas goat this year survived Christmas but were suddenly on the 28th of December dismounted. The reason for the poor goat's early leave from its own little park downtown Gavle is that it is now the year of the goat in China, and the city of Gavle has a sister-town in China -- Zhuhai. more
Here we are with CircleID's annual roundup of top ten most popular posts featured during 2014 (based on overall readership). Congratulations to all the participants whose posts reached top readership and best wishes for 2015. more
By now you might have read the news "How 'Gangnam Style' Broke YouTube?" What happened is that a YouTube video named 'Gangnam Style' by a South Korean singer Park Jae-sang, known by his stage name PSY, has been viewed so many times that it broke YouTube's view counter. YouTube's view counter is built on a 32-bit integer, which provides a view-tracking capability of nearly 2.15 billion views. more
Hon' Prime Minister, Why would India table Proposal 98 for the work of the ITU Plenipotentiary Conference? Contribution 98 wants the ITU to develop an IP address plan; wants it to be a contiguous IP address platform so as to enable the Governments to map and locate every Internet user; suggests that the ITU may coordinate the distribution of IP addresses accordingly; instructs the ITU Secretary General to develop policies for... naming, numbering and addressing which are [already] systematic, equitable... more
NANOG 62 was held at Baltimore from the 6th to the 9th October. These are my observations on some of the presentations that occurred at this meeting. .. One of the more memorable sides in this presentation was a reference to "map" drawn by Charles Minard in 1869 describing the statistics relating to the Napoleonic military campaign in Russia, and the subsequent retreat. more
On Tuesday, September 9, 2014, you have a great opportunity to watch live a very packed agenda full of great sessions about IPv6, DNSSEC, routing/BGP security and other components of Internet infrastructure streaming out of the UKNOF / ION Belfast event in Belfast, UK. All of the sessions can be seen live. more
Last year, I gave a short talk at the Commonwealth Telecommunications Organisation (CTO) Forum in (Abuja, Nigeria) on this topic and I thought I'd offer more details here. Let's say an African government has realised that IPv4 address exhaustion imposes limits its country's ICT development. Initial investigations indicate that deploying IPv6 is the only sustainable solution. Governments are however not very skilled in the bottom-up approach that is popular in the Internet world. more
I can't help but think that the situation in this rather old joke applies very precisely to the current Australian efforts to compel network operators, through some contemplated regulatory instrument, to record and retain network-collected data about their customers' online activities. What I'd like to examine here the emerging picture that while networks, and network operators, make convenient targets for such surveillance efforts, the reality of today's IP network's are far more complex, and Internet networks are increasingly ignorant about what their customers do. more
At APNIC Labs we've been working on developing a new approach to navigating through some of our data sets the describe aspects of IPv6 deployment, the use of DNSSEC and some measurements relating to the current state of BGP. The intent of this particular set of data collections is to allow the data to be placed into a relative context, displaying comparison of the individual measurements at a level of geographic regions, individual countries, and individual networks. more
A World-Renowned Source for Internet Developments. Serving Since 2002.