John S. Quarterman, long time Internet denizen, wrote one of the
seminal books about networking prior to the commercialization of the
Internet. He co-founded the first Internet consulting firm in Texas
(TIC) in 1986, and co-founded one of the first ISPs in Austin
(Zilker Internet Park, since sold to Jump Point). He was a founder
of TISPA, the Texas ISP Association.
Quarterman was born and raised
in Lowndes County, where he married his wife Gretchen. They live on
the same land where he grew up, and
participate in local community
WWALS is an advocacy organization working for watershed conservation
of the Willacoochee, Withlacoochee, Alapaha, and Little River
Systems watershed in south Georgia and north Florida through
awareness, environmental monitoring, and citizen advocacy.
Let’s look at the top 10 ASNs infested by Ogee according to spam volume
for 1 Feb 2012 to 12 Mar 2012:
Left Axis: Total Ogee volume (spam messages);
Right Axis: top 10 Ogee ASN volume (dotted curves)
It looks like Ogee is a new botnet, since all these top 10 ASNs came up from
zero volume before 18 February 2012.
The biggest initial peak in this graph is from
AS 21788 NOC, #1 in the
U.S. February top 10,
and the biggest late surge is from
AS 10439 CARINET, #8 in that same ranking.
Right below CARINET is AS 32613 IWEB-AS,
Canadian February #1.
The rest of the 8 Ogee-infested from the U.S. top 10 previously described
also are in there, except
AS 7796 ATMLINK
AS 13768 PEER1.
a huge surge in spam from some U.S. ASNs, mostly from ones that hadn’t
even been in the top 10 before, with possible correlations in
one ASN each from Peru and Canada.
Did all this spam come from the same botnet?
Maybe not all, but most.
Eight out of the U.S. top 10 for February show very close correlation
with one botnet, Ogee.
They are listed in the table on the right and shown in the chart below:
Left Axis: ASN volume (spam messages);
Right Axis: Botnet volume (dotted curves)
The chart also shows some ASNs reacted quickly and stopped the spamming,
while others got worse.
It’s a busy chart, so let’s look at simpler charts for one example
each of resilient and susceptible ASNs.
AS 21788 NOC was one of the first and worst affected by this spam surge:
Continue reading →
Egypt returned to the Internet
about 09:30 GMT today (2 February 2011).
This sudden return after being as suddenly disconnected
one week ago (27 January 2011)
is obviously not due to ordinary causes such as congestion,
cable cut, or router failure.
This political disconnection of an entire country does not seem
to have helped the regime responsible for it; quite the opposite.
In the current
Internet routing and addressing architecture, the IP address is used as a single namespace that simultaneously
expresses two functions about a device: its identity and how it is attached to the network. One very visible and
detrimental result of this single namespace is manifested in the rapid growth of the Internet’s DFZ (default-free zone)
as a consequence of multi-homing, traffic engineering (TE), non-aggregatable address allocations, and business events
such as mergers and acquisitions.
LISP changes this by separating IP addresses into two new namespaces: Endpoint Idenfitiers (EIDs), which are assigned
to end-hosts, and Routing Locators (RLOCs), which are assigned to devices (primarily routers) that make up the global
So Lee used that to load-balance facebook,
which you can try out here:
If I understood him, he said his group of network engineers
did all this without needing to involve software development,
because facebook is still “a small, scrappy company” that permits
and encourages such things.
Keven Chege of KENET
NANOG 50 talked about
rapid deployment of cable for Internet use
throughout east Africa, despite vandalism including copper theft
and sabotage by competing ISPs.
Many national research and eduction networks (NRENs) at least planned
in the area.
KENET in Kenya has “Made the big leap from VSAT to fiber”
and is helping coordinate the region; slides include proposed regional mesh map.
Also talking to google and Akamai.
Akamai guy stood up immediately afterwards and said he hear KENET was talking
to google and asked that they should talk to Akamai as well.
Per Hansen of Ciena at
NANOG 50talked about
growing capacity not by adding more
data cables under the sea, rather by increasing spectral density.
Eventually new cables will be needed, but meanwhile he thinks
we can get up from about 2 bits to to 5 or 6 bits per Hertz.
It does require more power: same energy per bit, but more bits.
Plus mesh networks for rerouting, even if it means rerouting
backwards around the world, he notes.
We’ve observed that sort of emergency backwards routing
as long ago as January 2008, in the
U.A.E. Cable Cut.
David G. Ross ofThe David Ross Group Inc. at
data cables under the sea, in which he revealed that Internet growth
has not only not paused during the recession, it has increased,
and it continues to increase in every region in which his company operates,
including Asia, Middle East, and Africa.
North Atlantic hasn’t had any new submarine capacity in years,
in “the most competitive capacity market on Earth”.
It will probably run out in a few years, so now there is demand
to build new cables there.
Each cable costs about $200 million to install.
Slight downside: early remark that he was sure things were the same
as they were when he worked for a telephone company.
Internet security is in a position similar to that of safety in the medical industry. Many doctors have an opinion like this one,
“Only 33% of my patients with diabetes have glycated hemoglobin levels that are at goal. Only 44% have cholesterol levels at goal. A measly 26% have blood pressure at goal. All my grades are well below my institution’s targets.”
And she says, “I don’t even bother checking the results anymore. I just quietly push the reports under my pile of unread journals, phone messages, insurance forms, and prior authorizations.”