Networks

Networks / Most Viewed

In Memoriam: Frederick P. Brooks, Jr. – a Personal Recollection

Brooks is famous for many things. Many people know him best as the author of The Mythical Man-Month, his musings on software engineering and why it's so very hard. Some of his prescriptions seem quaint today -- no one these days would print out documentation on microfiche every night to distribute to developers -- but his observations about the problems of development remain spot-on. But he did so much more. more

5G (and Telecom) vs. The Internet

5G sounds like the successor to 4G cellular telephony, and indeed that is the intent. While the progression from 2G to 3G, to 4G and now 5G seems simple, the story is more nuanced. At CES last month I had a chance to learn more about 5G (not to be confused with the 5Ghz WiFi) as well as another standard, ATSC 3.0 which is supposed to be the next standard for broadcast TV. more

The Cybersecurity Act of 2009

Four senators (Rockefeller, Bayh, Nelson, and Snowe) have recently introduced S.773, the Cybersecurity Act of 2009. While there are some good parts to the bill, many of the substantive provisions are poorly thought out at best. The bill attempts to solve non-problems, and to assume that research results can be commanded into being by virtue of an act of Congress. Beyond that, there are parts of the bill whose purpose is mysterious, or whose content bears no relation to its title. more

NXDOMAIN Substitution: Good or Evil?

It might seem a little strange, but in the current economics of the market in registration of DNS names it appears that the set of names that are not "visible," or at least not associated with any dedicated network service point, represents a far larger set, and has a far higher total value to the DNS name registration industry, than the set of network-visible service endpoint domain names. In other words, there appears to be a larger and more valuable market for names that do not exist than for names that do. more

On the Time Value of Security Features in DNS

There are some real problems in DNS, related to the general absence of Source Address Validation (SAV) on many networks connected to the Internet. The core of the Internet is aware of destinations but blind to sources. If an attacker on ISP A wants to forge the source IP address of someone at University B when transmitting a packet toward Company C, that packet is likely be delivered complete and intact, including its forged IP source address. Many otherwise sensible people spend a lot of time and airline miles trying to improve this situation... The problems created for the Domain Name System (DNS) by the general lack of SAV are simply hellish. more

Anycast, Unicast, or Both?

A long time ago in an Internet far away, nobody paid for DNS services. Not directly at least. We either ran our own servers, or got DNS service as part of our IP transit contract, or traded services with others. In ~1990 I was the operator of one of the largest name servers in existence (UUCP-GW-1.PA.DEC.COM) and I exchanged free DNS secondary service with UUNET. Two thousand zones seemed like a lot of zones back then -- little did we dream that there would some day be a billion or so DNS zones world wide. more

DPI is Not a Four-Letter Word!

As founder and CTO of Ellacoya Networks, a pioneer in Deep Packet Inspection (DPI), and now having spent the last year at Arbor Networks, a pioneer in network-based security, I have witnessed first hand the evolution of DPI. It has evolved from a niche traffic management technology to an integrated service delivery platform. Once relegated to the dark corners of the central office, DPI has become the network element that enables subscriber opt-in for new services, transparency of traffic usage and quotas, fairness during peak busy hours and protection from denial of service attacks, all the while protecting and maintaining the privacy of broadband users. Yet, DPI still gets a bad rap... more

Measuring IPv6 - Country by Country

Some years ago a report was published that ranked countries by the level of penetration of broadband data services. You can find the current version of that report at the OECD web site. This ranking of national economies had an electrifying impact on this industry and upon public policies for broadband infrastructure in many countries. Perhaps this happened because there were some real surprises lurking in the numbers at the time. more

8 Reasons Why Cybersecurity Strategy and Business Operations are Inseparable

In modern society, there is one fact that is unquestionable: The hyper-connectivity of the digital economy is inescapable. A financial institution without an online presence or omni-channel strategy will cease to be competitive. Universities (for-profit or non-profit) must develop and continuously evolve their online learning capabilities if they are to stay relevant. Online retailers are quickly outpacing and rendering their 'brick-and-mortar' counterparts irrelevant. more

Up to 300 Megawatt Worth of Keepalive Messages to be Saved by IPv6?

The Time Square Ball bringing in 2008 had more than 9,500 LED bulbs displaying 16 million colours while consuming power equivalent to about ten toasters. This compares to 600 incandescent and halogen bulbs adorning last year's Ball. Easy to forget that most mobile devices used by Time Square revelers were behind IPv4 NAT's and that always on applications such as Instant Messaging, Push e-mail, VoIP or location based services tend to be electricity guzzlers. It so happens that applications that we want always to be reachable have to keep sending periodic keepalive messages to keep the NAT state active... more

Removing Need at RIPE

I recently attended RIPE 66 where Tore Anderson presented his suggested policy change 2013-03, "No Need -- Post-Depletion Reality Adjustment and Cleanup." In his presentation, Tore suggested that this policy proposal was primarily aimed at removing the requirement to complete the form(s) used to document need. There was a significant amount of discussion around bureaucracy, convenience, and "liking" (or not) the process of demonstrating need. Laziness has never been a compelling argument for me and this is no exception. more

The IoT Needs a Paradigm Shift from Security to Safety of Connected Devices

Building IoT ventures from scratch by prototyping hardware devices and their backend systems as well as working for a large company that tries to sell IoT devices itself, we learned a lot about the pitfalls and problems concerning security in the IoT. Nearly every connected device out there proved to be vulnerable to attacks. Researchers showed that it's possible to remotely take control over autonomous vehicles, implanted medical devices were manipulated, voting machines compromised and of course all sorts of other "smart" devices... more

IPv6: A 2012 Report Card

The Gogonet Live conference in San Jose witnessed outstanding presentations by several federal administrations including Veteran Affairs, NASA and SPAWAR, sharing their experience and progress towards IPv6 adoption. Furthermore, the NIST compliance report leaves no agency any place to hide. The report card is there for everybody to see. In spite of regular jabs and criticisms, the US Federal Government has done a remarkable job. more

IPv6 and Transitional Myths

I attended the RIPE 61 meeting this month, and, not unexpectedly for a group that has some interest in IP addresses, the topic of IPv4 address exhaustion, and the related topic of the transition of the network to IPv6 has captured a lot of attention throughout the meeting. One session I found particularly interesting was one on the transition to IPv6, where folk related their experiences and perspectives on the forthcoming transition to IPv6. I found the session interesting, as it exposed some commonly held beliefs about the transition to IPv6, so I'd like to share them here, and discuss a little about why I find them somewhat fanciful. more

An Update on IPv6

In the coming weeks another Regional Internet Registry will reach into its inventory of available IPv4 addresses to hand out and it will find that there is nothing left. This is by no means a surprise, and the depletion of IPv4 addresses in the Internet could be seen as one of the longest slow motion train wrecks in history. The IANA exhausted its remaining pool of unallocated IPv4 addresses over four years ago in early 2011, and since then we've seen the exhaustion of the address pools in the Asia Pacific region in April 2011, in the European and the Middle Eastern region in September 2012, in Latin America and the Caribbean in May 2014 and now it's ARIN's turn... more

Industry Updates

RIPE 85 News Update

Meet the Speakers of the Cyber Threat Mitigation Webinar (by IPXO)

Dormant IPv4 Addresses Can Help Mitigate Expected Network Outages

To Accelerate 5G Adoption, European Telcos Need More IP Addresses

3 Key Recommendations to Trust the Cloud More by Trusting It Less

DNS Record Contents: Are Organizations Giving Away More Than They Should?

As Global Internet Demands Skyrocket, Expert Share Advice on How to Optimize IT Infrastructure to Meet Modern-Day Challenges

IP Monetization: IP Leasing Makes the Case for Recurring Long-Term Revenue

Leasing IPv4 Addresses in the Dawn of the New Internet Era

How to Monitor IP Netblocks for Possible Targeted Attacks

Not All VPN Users Are Worth Trusting, a Lesson for Cloud Service Providers

Everything You Need to Know About IPv4 vs. IPv6

The Louisiana State Ransomware Attack: Enhancing Cyberdefense with Reverse IP Address Lookup

The Disney+ Account Hijacking: Preventing Unauthorized Network Access with Threat Intelligence Tools

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity