Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
This very interesting document was released by ICANN's Generic Names Supporting Organization (GNSO) for public comment yesterday. And it asks some fundamental questions while at the same time pointing to sources such as the Honeynet Alliance's reports on fast flux. more
The beginning of the year saw IPv6 added to the DNS root, closing a major hole for IPv6-only communication. In mid-year, the US federal government's IPv6 mandate came into effect, requiring all federal IP backbones to support IPv6. While the mandate didn't have anywhere near the effect that many had hoped for, it did spur many vendors to add IPv6 support to their products. The amount of observed IPv6 traffic increased considerably, but we still lack good data for how much IPv6 is being used. So, where were we at the end of 2008? more
With all the focus on neutrality in the provider networks we must not lose sight of what is happening in our own homes. As with some of the efforts to make the networks work better (as measured in the providers' paternalistic) view, their attempt to retake the home is about serving us better by reducing the operators' costs. "Better" is of course in terms of the operator's own measures. It's not quite the same as in 1995 when providers opposed home networks and want to charge us for each machine... more
It is sometimes said that: 'IP addresses are hoarded by "developed nations" - if only "underdeveloped" nations were given more IP addresses, the Internet would grow more/better...' Assertions like this mistakenly conflate the administrative process of requesting and receiving public IP addresses with the economic or commercial act of routing IP addresses - of engaging in what is sometimes called "Internet production." The former, administrative process involves relatively little in the way of overhead, and confers nothing more than the potential to develop public Internet resources -- i.e., to create new Internet users (provide access) and/or Internet uses (provide content and other online services). more
The end of the year is approaching which seems to be a harbinger of Internet disasters. Four years ago (on 24 Dec. 2004), TTNet significantly disrupted Internet traffic by leaking over 100,000 networks that were globally routed for about an hour. Two years ago (on 26 Dec. 2006), large earthquakes hit the Luzon Strait, south of Taiwan, severing several underwater cables and wreaking havoc on communications in the region. Last year there was a small delay. On 30 Jan. 2008, more underwater cables were severed in the Mediterranean, severely disrupting communications in the Middle East, Africa, and the Indian subcontinent. Calamity returned to its customary end-of-year schedule this year, when early today (19 Dec. 2008) several communications cables were severed, affecting traffic in the Middle East and Indian subcontinent. more
In a highly anticipated presentation, Internet security researcher Dan Kaminsky today gave details of the much talked about Domain Name System (DNS) vulnerability issue which has been intensely covered since it was publicly announced a month ago on Jul 8th. Although original plans entailed keeping the bug details undisclosed for 30 days in order to allow for necessary security patches to be implemented around the world, details of the bug were eventually leaked-and-confirmed 13 days after its public announcement. Even so, just hours ago in jam-packed ballroom during the Black Hat conference, Kaminsky delivered his 100-plus-slide presentation detailing the DNS flaw that, if exploited, could potentially "destroy the Web". more
The internet bus continues to accelerate straight into the IPv4 address depletion wall with spirited discussions continuing on how to divvy up the remnants of the address space. Obviously all five Regional Internet Registries (RIR's) want to make sure they get their fair share from IANA but what is a fair share remains the subject of interpretation. In the mean time, scenarios of a speculative land rush and auctions of ever smaller address blocks abound with unattractive consequences such as an explosion of the size of the routing table and a stunted growth of the global internet economy... In the meantime, the airline industry completed a rather significant migration of their own... more
The folks at Renesys pointed out earlier this week some interesting activity surrounding the L-root name server, highlighting some activity that should give us all yet another reason to be concerned about the security and integrity of the Internet DNS... considering that a great deal of malware today tends to corrupt the DNS resolution path in order to further exploit compromised end-systems, and that corruption, or any other actual end-system compromise, might well be unnecessary if the root were compromised -- well, think of the possibilities! more
I've posted to SSRN my paper on why most telecom companies, even though they operate networks, don't appreciate the fundamental business dynamics of network structures. This will be a chapter in a book Wharton is publishing on network-based strategies and competencies. In the paper, I describe two views on telecom and Internet infrastructure... more
As most CAUCE supporters already know, forging 'From:' or other commonly seen email headers is trivially easy. It's one of the most frustrating oversights in the creation of Internet email technology -- though of course that's only obvious in hindsight; it was just fine for the pre-Internet networks of the late 1970s and early-mid 1980s. Since then, things have changed -- and the most interesting recent technological advancements in email have been in the realm of sender authentication, which encompasses ways to verify that the apparent sender of a message actually is the entity which sent it. more
It happened in San Jose, it happened in Taiwan and soon it will happen in Philadelphia! A nightmare? A conspiracy? No, no, it was just the IPv6 hour. One hour of pure IPv6 LAN for NANOG attendees with a NAT-PT as valve to the crowded teeming world of the IPv4 internet... At 12 noon, Tuesday February 19th it happened! While Mac, Vista, Linux and Unix can breathe AAAA, Windows XP however cannot do DNS over IPv6 transport. What to do to avoid all these Windows XP users... more
The main reason for developing a new internet protocol was based on lack of address; however this was not the only reason. Unfortunately, many people think of IPv6 only as enormous address space, but there are a lot of other advantages, for example... authorizations and authentication function are implemented directly in the protocol and are mandatory... automatic configuration of network interfaces based on their physical address... protocol itself recognizes data streams which must be transmitted in real time, and the data must be processed with highest priority... more
The debates are raging over whether or not we should migrate to IPv6. The strongest argument is the enormous address space that will allow for everyone and everything to have a unique public address, many addresses actually. It is often said that the shortage of public IPv4 addresses has limited our capabilities because it led to the pervasive use of private addressing, Network Address Translation (NAT) and Port Address Translation (PAT). Though these technologies remain critical, they are often regarded as stop-gap measures, and they sometimes create problems. In some circles, NAT has acquired a very bad name. But is that a fair perspective of the technology? Let's review the positives and negatives. more
The ITU-T has proposed a new system of country-based IP address allocations which aims to satisfy a natural demand for self-determination by countries; however, the proposal also stands to realign the Internet's frontiers onto national boundaries, with consequences which are explored here. ...we do indeed see the Internet as a single entity, and we even speak of the Internet's architecture as if there was one designer who laid out a plan and supervised its construction. But despite all appearances, the Internet landscape is indeed made up of many separate networks... This article will explore these issues, particularly in light of recent proposals to introduce new mechanisms for IP address management, a prospect which could, over time, substantially alter both the geography of the Internet, and its essential characteristics as a single cohesive network. more
There have been quite a number of recent articles about various IPv6 issues. Thus the question: how far along is the actual IPv6 deployment? This is a quick-and-dirty survey that focuses mainly on the content provider side. What domains were surveyed? Alexa offers country depended TopSites listings. Domains listed are frequently visited by users from that country, not necessarily hosted there... more
A World-Renowned Source for Internet Developments. Serving Since 2002.