Networks / Recently Commented

A Brief Look at the Domain Attack Surface of Streaming Media Companies

The term "attack surface" is often heard in cybersecurity conversations. It refers to the sum of all possible attack vectors or the vulnerabilities that threat actors can exploit to penetrate a target network or damage an organization somehow. An unused and forgotten subdomain, for instance, can become an attack vector when taken over. Certain categories of companies have very large attack surfaces. Such is the case of streaming media businesses like Netflix and HBO Max. more

Scaling the Root of the DNS

The DNS is a remarkably simple system. You send it queries, and you get back answers. Within the system, you see exactly the same simplicity: The DNS resolver that receives your query may not know the answer, so it, in turn, will send queries deeper into the system and collects the answers. The query and response process is the same, applied recursively. Simple. However, the DNS is simple in the same way that Chess or Go are simple... more

The Internet’s Gilded Age

The rise of the Internet has heralded rapid changes in our society. The opportunities presented by a capable and ubiquitous communications system and a global transportation network have taken some corporations from the multinational to the status of truly global mega-corporation. Good examples of these new corporations include Google, Apple, Amazon, Microsoft and Facebook. There are a handful of large-scale winners in this space and many losers. But this is not the first time we've witnessed a period of rapid technological and social change. more

IPv4 Exhaustion, 5 Implications for Africa Running out Last

I spend most of my time teaching engineers in different countries how to plan and deploy IPv6 networks. Over the last two years, I have been speaking more and more to non-engineers. These are either technology executives who sense that they need to do something about this "IPv6" thing, or government IT leaders who want to understand what the problem is and more importantly, what they could do. The most impactful part of these these exchanges is when I get these managers to understand the implications of IPv4 address exhaustion to their organisations. more

Beyond the Interweb

Today's Internet is a network of networks and seen through the lens of the web. We need to look beyond the engineering history to see the Internet in the context of the broader vision of JCR Licklider, an acoustic psychologist, and his vision of man/computer symbiosis... JCR Licklider would've been thrilled to see such a powerful man-machine symbiosis becoming so normal and having it work so well. Lick, as he was called, can be considered the grandfather of the Internet. more

The Evolution of 5G

Technology always evolves, and I've been reading about where scientists envision the evolution of 5G. The first generation of 5G, which will be rolled out over the next 3-5 years, is mostly aimed at increasing the throughput of cellular networks. According to Cisco, North American cellular data volumes are growing at a torrid 36% per year, and even faster than that in some urban markets where the volumes of data are doubling every two years. The main goal of the first-generation 5G is to increase network capacity to handle that growth. more

A New Busy Hour – One of the Many Consequences of the COVID-19 Pandemic

One of the many consequences of the coronavirus is that networks are going to see a shift in busy hour traffic. Busy hour traffic is just what it sounds like -- it's the time of the day when a network is busiest, and network engineers design networks to accommodate the expected peak amount of bandwidth usage. Verizon reported on March 18 that in the week since people started moving to work from home that they've seen a 20% overall increase in broadband traffic. more

The Early History of Usenet, Part IX: Retrospective Thoughts

Usenet is 40 years old. Did we get it right, way back when? What could/should we have done differently, with the technology of the time and with what we should have known or could feasibly have learned? And what are the lessons for today? A few things were obviously right, even in retrospect. For the expected volume of communications and expected connectivity, a flooding algorithm was the only real choice. more

How the Internet Can Be Enormously Accelerated Without Fiber-Optic Cables or LEO Satellites

We got used to it: if we open a website, it's always like stop and go on a high-traffic highway or city traffic jam. At some point, we will reach the destination. The constant stalling is due to a traffic rule for the Internet called TCP (Transmission Control Protocol). The TCP/IP protocol family comes from the American defense industry. It was introduced by DARPA (Defence Advanced Research Projects Agency) in the early 1970s. At that time, no one had the Internet as the need of the masses on the screen. more

Five Inconvenient Facts about the Migration to 5G Wireless

An unprecedented disinformation campaign purposefully distorts what consumers and governments understand about the upcoming fifth generation of wireless broadband technology. A variety of company executives and their sponsored advocates want us to believe that the United States already has lost the race to 5G global market supremacy and that it can regain it only with the assistance of a compliant government and a gullible public. more

Gall’s Law and the Network

In Systemantics: How Systems Really Work and How They Fail, John Gall says: "A complex system that works is invariably found to have evolved from a simple system that worked. A complex system designed from scratch never works and cannot be patched up to make it work. You have to start over with a working simple system." In the software development world, this is called Gall's Law... more

A Look Back at the World of IP Addressing in 2018: What Changed and What to Expect

Time for another annual roundup from the world of IP addresses. Let's see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. Back in around 1992 the IETF gazed into the crystal ball and tried to understand how the internet was going to evolve and what demands that would place on the addressing system as part of the "IP Next Generation" study. more

Creating TLS: The Pioneering Role of Ruth Nelson

As often occurs in networking and cryptographic history, anecdotes and insularity conspire to mask how developments actually occurred, and seminal roles undertaken by women are forgotten or ignored. One of the notable examples of this proclivity occurred in the cybersecurity cryptology arena as it involves a critical platform known as the Transport Layer Security Protocol (TLS) and the pioneering role of Ruth Nelson. more

Securing the Routing System at NANOG 74

The level of interest in the general topic of routing security seems to come in waves in our community. At times it seems like the interest from network operators, researchers, security folk and vendors climbs to an intense level, while at other times the topic appears to be moribund. If the attention on this topic at NANOG 74 is anything to go by we seem to be experiencing a local peak. more


The APNIC Blog has recently published a very interesting article by Willem Toorop of NLnet Labs on the relationship between Security Extensions for the DNS (DNSSEC) and DNS over Transport Layer Security. Willem is probably being deliberately provocative in claiming that "DoT could realistically become a viable replacement for DNSSEC." If provoking a reaction was indeed Willem's intention, then he has succeeded for me, as it has prompted this reaction. more

Industry Updates

DNS Record Contents: Are Organizations Giving Away More Than They Should?

As Global Internet Demands Skyrocket, Expert Share Advice on How to Optimize IT Infrastructure to Meet Modern-Day Challenges

IP Monetization: IP Leasing Makes the Case for Recurring Long-Term Revenue

Leasing IPv4 Addresses in the Dawn of the New Internet Era

How to Monitor IP Netblocks for Possible Targeted Attacks

Not All VPN Users Are Worth Trusting, a Lesson for Cloud Service Providers

Everything You Need to Know About IPv4 vs. IPv6

The Louisiana State Ransomware Attack: Enhancing Cyberdefense with Reverse IP Address Lookup

The Disney+ Account Hijacking: Preventing Unauthorized Network Access with Threat Intelligence Tools

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

Alleviating the Constant Clash Between DevSecOps and DevOps Teams

Moving from the Castle-and-Moat to the Zero-Trust Model

NS1 Raises $33M for Its Application Traffic Management Solutions

How Threat Intelligence Can Solve 3 Common SIEM Problems

Currents of Change: Empowering the Growth and Interplay of Subsea and Interconnection