Networks

Networks / Most Viewed

Anyone Who Still Thinks IPv6 Won't Happen Clearly Isn't Watching the Measurements

Anyone who still is using the "I'll-just-wait-on-IPv6-because-it-will-never-happen" approach is clearly NOT watching the measurements. First, there was the news last week that Google's IPv6 measurement had crossed over 3% less than five months after crossing the 2% mark. Then today comes word from the World IPv6 Launch measurements program that the February 2014 measurements are up... more

Network Solutions Under Large Scale DDoS Attack, Millions of Websites Potentially Unreachable

Network Solutions is having problems with "all" its name servers, according to their tech support and a recent post on North American Network Operators' Group (NANOG) mailing list indicates that it has been under very large-scale UDP/53 DDoS attack for the last 48 hour period. As a result, domain names hosted with Network Solutions' Worldnic have been affected. Network Solutions is one of the leading domain registrars and DNS hosting providers in the world, managing more than 7.6 million domain names. more

Defending Networks Against DNS Rebinding Attacks

DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more

RFC 1918 Address Space: Why It Was Needed then and How It Will Change in IPv6!

Recently, my firm has seen a lot of interest come from Enterprises seeking IPAM/DNS tools. We predicted that IPv6 adoption and the need for automation software/tools would follow the Internet ecosystem's supply chain starting with Service Providers consisting of ISPs, I/PaaS, ASPs, then content providers (mostly a service really), then Enterprises, followed by SMBs & Consumers. While good for business, it has also forced us to revisit and think thru many TCP/IP protocol standards... more

IP Address Exhaustion In 12 Easy Questions

It seems that there is an increasing level of interest in the topic of IPv4 address exhaustion, so I thought I'll share a set of answers to the most common questions I've been asked on this topic in recent times. ... If there is a common factor in many of these challenges, it is scaling the network to meet an ever expanding agenda of more users, more devices, more traffic, more services and more policies. more

DNS, DNSSEC and Google's Public DNS Service

For some time now we've been tracking the progress of the deployment of DNSSEC in the Internet. Its been a story of an evolution of the measurement technique... In the process we've learned perhaps more than we had wanted to about the behaviour of Flash engines, Apache web servers and FreeBSD system tuning, and also learned much more than we had anticipated about the finer details of Google's online ad presentation behaviour. But one thing we did not see in all of this was any large scale jumps in the level of client use of DNSSEC validation over this period at the start of the year. more

Twenty Myths and Truths About IPv6 and the US IPv6 Transition

After hearing over 350 presentations on IPv6 from IPv6-related events in the US (seven of them), China, Spain, Japan, and Australia, and having had over 3,000 discussions about IPv6 with over a thousand well-informed people in the IPv6 community, I have come to the conclusion that all parties, particularly the press, have done a terrible job of informing people about the bigger picture of IPv6, over the last decade, and that we need to achieve a new consensus that doesn't include so much common wisdom that is simply mythical. There are many others in a position to do this exercise better than I can, and I invite them to make a better list than mine, which follows. more

Who Uses Google's Public DNS?

Much has been said about how Google uses the services they provide, including their mail service, their office productivity tools, file storage and similar services, as a means of gathering an accurate profile of each individual user of their services. The company has made a very successful business out of measuring users, and selling those metrics to advertisers. But can we measure Google as they undertake this activity? How many users avail themselves of their services? Perhaps that's a little ambitious at this stage, so maybe a slightly smaller scale may be better. Let's just look at one Google service. more

Addressing the Future Internet

What economic and social factors are shaping our future needs and expectations for communications systems? This question was the theme of a joint National Science Foundation (NSF) and Organisation for Economic Co Operation and Development (OECD) workshop, held on the 31st January of this year. The approach taken for this workshop was to assemble a group of technologists, economists, industry, regulatory and political actors and ask each of them to consider a small set of specific questions related to a future Internet. Thankfully, this exercise was not just another search for the next "Killer App", nor a design exercise for IP version 7. It was a valuable opportunity to pause and reflect on some of the sins of omission in today's Internet and ask why, and reflect on some of the unintended consequences of the Internet and ask if they were truly unavoidable consequences... more

A Closer Look at Iran's State of Internet, Strange Transit Changes in Wake of Controversial Election

Many media sources have reported outages in Iranian mobile networks and Internet services in the wake of Friday's controversial elections. We took a look at the state of Iranian Internet transit, as seen in the aggregated global routing tables, and found that the story is not as clear-cut as has been reported. There's no question that something large happened in the Iranian telecom space, and that the timing aligns with the close of voting and the emerging controversy... more

Internet Governance Outlook 2014: Good News, Bad News, No News?

What does the crystal ball say for the Internet in 2014? Here are three scenarios for what could happen with the global Internet Governance Eco-System in the coming 12 months... In the worst case scenario the Internet gets more and more fragmented and re-nationalized. A growing number of governments start to define a "national Internet segment" and develop policies to surveil, censor and control access to and use of the Internet. National firewalls will separate the "domestic Internet" from the global Internet and an exit and entrance regime into networks is introduced where users need passwords, handed out by governmental authorities on an annual basis, to go from one domain to another... more

IPv6: Don't Forget About Your Switches!

When preparing a network for IPv6, I often hear network administrators say that their switches are agnostic and that there is no need to worry about them. Not so fast. Yes, LAN switches function mainly at layer 2 by forwarding Ethernet frames regardless of whether the packet inside is IPv4 or IPv6 (or even something else!) However, there are some functions on a switch that operate at layer 3 or higher. more

IPv6 Subnetting - The Paradigm Shift

Almost every conversation I have with folks just learning about IPv6 goes about the same way; once I'm finally able to convince them that IPv6 is not going away and is needed in their network, the questions start. One of the most practical and essential early questions that needs to be asked (but often isn't) is "how do I lay out my IPv6 subnets?" The reason this is such an important question is that it's very easy to get IPv6 subnetting wrong by doing it like you do in IPv4. more

Where Is Cyberspace?

In my first CircleID post, I compared the cyberspace to a farmland, which has to be cultivated and developed. I ended by asking: Where is cyberspace? I have asked this same question from many people, many of whom are internet experts. They all said the cyberspace is in the computers, networks, or servers, or the Internet itself. I agree with these cyberspace ideas. In addition, my opinion is a bit different. more

How Did IPv6 Come About, Anyway?

This is a special two-part series article providing a distinct and critical perspective on Internet Protocol Version 6 (IPv6) and the underlying realities of its deployment. The first part gives a closer look at how IPv6 came about and the second part exposes the myths.

In January 1983, the Advanced Research Projects Agency Network (ARPANET) experienced a "flag day," and the Network Control Protocol, NCP, was turned off, and TCP/IP was turned on. Although there are, no doubt, some who would like to see a similar flag day where the world turns off its use of IPv4 and switches over to IPv6, such a scenario is a wild-eyed fantasy. Obviously, the Internet is now way too big for coordinated flag days. The transition of IPv6 into a mainstream deployed technology for the global Internet will take some years, and for many there is still a lingering doubt that it will happen at all. more

Industry Updates

Peering Versus IP Transit: Answering the Age-Old Question

Navigating IPv4 Market: Industry Pioneers Marc Lindsey and Janine Goodman to Speak at Interop ITX

Attacks Decrease by 23 Percent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Mobile Web Intelligence Report: Bots and Crawlers May Represent up to 50% of Web Traffic

Data Volumes and Network Stress to Be Top IoT Concerns

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Dyn Evolves Internet Performance Space with Launch of Internet Intelligence

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Verisign iDefense 2015 Cyber-Threats and Trends

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform