Networks

Blogs

Lessons from the O2 Network Outage: The Real Cost of Manual Processes

More than 30 million people lost their data connectivity on December 6, 2018, in the United Kingdom as O2's network suffered from a nationwide service outage. Based on several reports, the incident was caused by a human error at Ericsson, the telecoms supplier responsible for operating certain parts of the O2 network. To compensate for the downtime and tarnished reputation, the O2 management is now reportedly seeking damages of up to a hundred million pounds from Ericsson. more

New Report About Internet Routing With MANRS

I find myself reading, frequently, about "interesting" exploits of IP routing. Recent history includes the redirection of Telegram traffic to Iran, Google traffic to China, and Cloudflare traffic to Nigeria -- and, per bgpstream.com, 64 events this month, 18 of them on one day. Is this expensive? You bet, both in money and in mindshare. Imagine the impact of discovering your company's name in the press. more

In a Networked World Knowing the Right Time Is Essential but How Accurate Are the Computer Clocks?

Computers have always had clocks. Well maybe not clocks as you might think, but digital computers have always had oscillators, and if you hook the oscillator to a simple counter then you have a clock. The clock is not just there to tell the time, although it can do that, nor is it there just to record the time when data files are created or modified, though it does that too. Knowing the time is important to many functions, and one of those is security. more

BGP Hijacks: Two More Papers Consider the Problem

The security of the global Default Free Zone (DFZ) has been a topic of much debate and concern for the last twenty years (or more). Two recent papers have brought this issue to the surface once again - it is worth looking at what these two papers add to the mix of what is known, and what solutions might be available. The first of these traces the impact of Chinese "state actor" effects on BGP routing in recent years. more

Ossification and Fragmentation: The Once and Future 'net

Mostafa Ammar, out of Georgia Tech recently posted an interesting paper titled The Service-Infrastructure Cycle, Ossification, and the Fragmentation of the Internet. I have argued elsewhere that we are seeing the fragmentation of the global Internet into multiple smaller pieces, primarily based on the centralization of content hosting combined with the rational economic decisions of the large-scale hosting services. The paper in hand takes a slightly different path to reach the same conclusion. more

Securing the Routing System at NANOG 74

The level of interest in the general topic of routing security seems to come in waves in our community. At times it seems like the interest from network operators, researchers, security folk and vendors climbs to an intense level, while at other times the topic appears to be moribund. If the attention on this topic at NANOG 74 is anything to go by we seem to be experiencing a local peak. more

Google Signs Memoranda of Understanding With Four Cuban Organizations

Cuban President Miguel Díaz-Canel addressed the first annual meeting of Cuba's IT professional society, the Unión de Informáticos de Cuba. In his talk, Díaz-Canel announced that four Cuban organizations - the Havana City Historian's Office, the University of Computer Sciences (UCI), Infomed, Cuba's medical network, and the Ministry of Culture had signed memoranda of understanding (MOUs) with Google. more

IPv6 Security Considerations

When rolling out a new protocol such as IPv6, it is useful to consider the changes to security posture, particularly the network's attack surface. While protocol security discussions are widely available, there is often not "one place" where you can go to get information about potential attacks, references to research about those attacks, potential counters, and operational challenges. more

BGP Security: A Gentle Reminder that Networking is Business

At NANOG on the Road (NotR) in September of 2018, I participated in a panel on BGP security -- specifically the deployment of Route Origin Authentication (ROA), with some hints and overtones of path validation by carrying signatures in BGP updates (BGPsec). This is an area I have been working in for... 20 years? ... at this point, so I have seen the argument develop across these years many times, and in many ways. more

Getting on with Digital Transformation: Three Steps to Making Strategic Technology Choices

In a recently published Uptime Institute Survey, Uptime Institute found that organizations operating data centers are finding it increasingly difficult to recruit professionals skilled in security, networking, and hybrid technologies. This realization comes at an interesting time, as the monolithic business infrastructure built over the last two decades is now entering a period of transformation. more

Join the Quantum Internet Hackathon 2018

The eighth RIPE NCC hackathon takes on the Quantum Internet! The hackathon will be held during the weekend before RIPE 77 in Amsterdam, and is co-organised by QuTech and TU Delft, along with the RIPE NCC. We're bringing together network operators, quantum networking researchers, students, hackers, software developers and artists, to imagine and build the tools for the future Internet. more

Nerd Knobs and Open Source in Network Software

Tech is commoditizing. I've talked about this before; I think networking is commoditizing at the device level, and the days of appliance-based networking are behind us. But are networks themselves a commodity? Not any more than any other system. We are running out of useful features, so vendors are losing feature differentiation. This one is going to take a little longer... more

DNSSEC and DNS over TLS

The APNIC Blog has recently published a very interesting article by Willem Toorop of NLnet Labs on the relationship between Security Extensions for the DNS (DNSSEC) and DNS over Transport Layer Security. Willem is probably being deliberately provocative in claiming that "DoT could realistically become a viable replacement for DNSSEC." If provoking a reaction was indeed Willem's intention, then he has succeeded for me, as it has prompted this reaction. more

Community Networks Could Help Strengthen the Caribbean Internet

By some estimates, only half of the world's population has internet access, leaving the other half at a sizeable competitive disadvantage. This profound connectivity gap is especially significant in the unserved and underserved areas of developing and least-developed countries. For people who live in these places, Internet connectivity is not just about the Internet. It is a lifeline that gives access to electronic commerce and telehealth services, distance learning, social and political engagement, government services... more

An Update on Securing BGP from IETF 102

One way or another we've been working on various aspects of securing the Internet's inter-domain routing system for many years. I recall presentations dating back to the late '90's that point vaguely to using some form of a digital signature on BGP updates that would allow a BGP speaker to assure themselves as to the veracity of a route advertisement. more

News Briefs

Nigerian Cable Company Takes Blame for Misrouting Google's Global Traffic Through China

China Telecom Accused of Misdirecting Internet Traffic

US Senators Urge Canada to Drop China’s Huawei Technologies in Building Future Telecom Networks

Internet Society Partnering With Facebook to Develop Internet Exchange Points Throughout Africa

Microsoft Cancels Plans to Move Its Internal Wireless Network to IPv6-Only

Large-Scale Study by Security Researchers in China Sheds Light on the Scope of DNS Interception

Group of Engineers Have Created a Way to Detect Dangerous Objects in Baggage Using Public Wifi

Escalating War in Yemen Dividing Country's Internet

Russian Hackers Have Penetrated U.S. Electric Utilities

Doug Madory Reports on Shutting Down the BGP Hijack Factory

Oracle Launches Internet Intelligence Map Providing Insight Into the Impact of Internet Disruptions

DNS Firewall Market Expected to Grow From $90.5 Million in 2018 to $169.7 Million by 2023

US Federal Judge Dismisses Kaspersky Lawsuit, Government-Wide Ban Stays in Place

Kaspersky Lab Software Too Deeply Embedded in US Gov Network, Impossible to Get Rid Off by October

Newly Discovered Malware Called VPNFilter is Targeting at Least 500K Networking Devices Worldwide

New Type of DDoS Attack Targets Vulnerability in Universal Plug and Play Networking Protocol

Moving to IPv6 Is Becoming a Matter of Business Continuity, Says NASA Transition Manager

Google Ends Domain-Fronting Feature Used by Censorship Tools

Enterprise Networks Are Being Impacted by Unwanted and Unidentified Cryptomining Activity

Iran Among Countries Affected by a Cyberattack That Left U.S. Flag on Screens

Most Viewed

Most Commented

Industry Updates

Peering Versus IP Transit: Answering the Age-Old Question

Navigating IPv4 Market: Industry Pioneers Marc Lindsey and Janine Goodman to Speak at Interop ITX

Attacks Decrease by 23 Percent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Mobile Web Intelligence Report: Bots and Crawlers May Represent up to 50% of Web Traffic

Data Volumes and Network Stress to Be Top IoT Concerns

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Dyn Evolves Internet Performance Space with Launch of Internet Intelligence

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Verisign iDefense 2015 Cyber-Threats and Trends

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform

Participants – Random Selection