Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS tunneling -- the ability to encode the data of other programs or protocols in DNS queries and responses -- has been a concern since the late 1990s. If you don't follow DNS closely, however, DNS tunneling likely isn't an issue you would be familiar with. Originally, DNS tunneling was designed simply to bypass the captive portals of Wi-Fi providers, but as with many things on the Web it can be used for nefarious purposes. For many organizations, tunneling isn't even a known suspect and therefore a significant security risk. more
The cloud computing paradigm has been making steady progress in 2016. With the DevOps model making its way from cloud to networking, the business upside of fully automated service architectures is finally beginning to materialize. The associated service agility is expected to unleash new business models that transform the ways in which applications and connectivity can be consumed. more
The Internet Society (ISOC) has been working with the African Union (AU) to facilitate the African Internet Exchange System (AXIS). This AXIS project funded by the EU-Africa Infrastructure Trust Fund and the Government of Luxembourg will help keep Internet traffic in Africa internal to the continent and avoid expensive international transit costs and delay latency in routing Internet traffic through other continents. more
There has recently been some good and bad news about WiMAX. On the good news part, an announcement made by the WiMAX Forum this month regarding the launching of the Mobile WiMAX certification program through which vendors can get their IEEE 802.16e-2005 equipment tested and possibly certified... On the bad news part, there was the Sprint-Clearwire breakup after three months of announcing a plan to join forces in building a nationwide WiMAX network in the US. Although it is anticipated that each company would carry on with its own WiMAX plans, analysts believe that the breakup would have negative impact on WiMAX deployment in the US... more
A report "Securing Cyberspace for the 44th Presidency" has just been released. While I don't agree with everything it says (and in fact I strongly disagree with some parts of it), I regard it as required reading for anyone interested in cybersecurity and public policy. The analysis of the threat environment is, in my opinion, superb; I don't think I've seen it explicated better. Briefly, the US is facing threats at all levels, from individual cybercriminals to actions perpetrated by nation-states. The report pulls no punches... more
For the past few decades, there's been a relatively straightforward narrative on the economics behind the IPv6 transition that goes something like this: sooner or later, IPv4 scarcity will drive costs up until they exceed those of deploying IPv6. A competitive market will then make the rational choice and transition to a more efficient mode of production and deploy IPv6. This is textbook economics, and - with the disclaimer that I'm not a trained economist - it appears to be incorrect. more
Why are networks so insecure? One reason is we don't take network security seriously. We just don't think of the network as a serious target of attack. Or we think of security as a problem "over there," something that exists in the application realm, that needs to be solved by application developers. Or we think the consequences of a network security breach as "well, they can DDoS us, and then we can figure out how to move load around, so if we build with resilience (enough redundancy)... more
Ever want to know where all the submarine cables are that provide part of the physical infrastructure of the Internet? Or which cities in the world have the most connectivity via submarine cables? (or which regions might be single points of failure?) In doing some research I stumbled across this excellent site from the folks at TeleGeography... It is a very well done and captivating (to me, anyway) view into where all the current and planned submarine cables are located. more
For nearly all communications on today's Internet, domain names play a crucial role in providing stable navigation anchors for accessing information in a predictable and safe manner, irrespective of where you're located or the type of device or network connection you're using. Over the past 15 years hundreds of millions of domain names have been added to the Internet's Domain Name System (DNS), and well over two billion (that's Billion!) new users, some ~34 percent of the global population, have become connected. more
The internet bus continues to accelerate straight into the IPv4 address depletion wall with spirited discussions continuing on how to divvy up the remnants of the address space. Obviously all five Regional Internet Registries (RIR's) want to make sure they get their fair share from IANA but what is a fair share remains the subject of interpretation. In the mean time, scenarios of a speculative land rush and auctions of ever smaller address blocks abound with unattractive consequences such as an explosion of the size of the routing table and a stunted growth of the global internet economy... In the meantime, the airline industry completed a rather significant migration of their own... more
We regularly check the status of IPv6 deployment in the RIPE NCC service region, and in other service regions as well. One way to measure IPv6 deployment is to look at the percentage of networks announcing IPv6 prefixes and follow the developments over time. The RIPE NCC's IPv6-ASN graph shows the percentage of networks that announce one or more IPv6 prefixes in the global routing system. Having an IPv6 prefix visible in the global routing system is a required step for a network to actually start exchanging IPv6 traffic with other networks. more
Pinning down the number of infected computers is really, really hard. I'd go as far as saying it's practically impossible to calculate, let alone observe. Still, that's not going to stop people from attempting to guess or extrapolate from their own observations. Over the years I've heard "reliable" numbers ranging from 10% through to 60% -- and I don't trust any of them. There's a whole gaggle of reasons why the numbers being thrown out to the public are inaccurate and should ideally be interpreted with a lot of skepticism by any right-minded folks. more
The emergence and proliferation of Internet of Things (IoT) devices on industrial, enterprise, and home networks brings with it unprecedented risk. The potential magnitude of this risk was made concrete in October 2016, when insecure Internet-connected cameras launched a distributed denial of service (DDoS) attack on Dyn, a provider of DNS service for many large online service providers (e.g., Twitter, Reddit). Although this incident caused large-scale disruption, it is noteworthy that the attack involved only a few hundred thousand endpoints... more
Developments in the Caribbean digital space are fuelling initiatives to strengthen the Internet infrastructure in the region. In Guadeloupe, a recent agreement among three Internet service providers has cleared the way for the island to establish its first Internet exchange point. Commonly called an IX or an IXP, an Internet exchange point is a critical element of Internet infrastructure used to interconnect networks and deliver data traffic between them. more
It was only a few weeks back, in July of this year, where I remarked that an Akamai report of an outage was unusual for this industry. It was unusual in that it was informative in detailing their understanding of the root cause of the problem, describing the response that they performed to rectify the immediate problem, the measures being undertaken to prevent a recurrence of this issue, and the longer-term measures to improve the monitoring and alerting processes used within their platform. more
A World-Renowned Source for Internet Developments. Serving Since 2002.