Forgot your password?
typodupeerror
The Internet

5% of the Net is Unreachable 198

Posted by CmdrTaco
from the but-never-the-spammer-percent dept.
dasheiff writes "A BBC Story says US researchers reveal that up to 5% of the internet is completely unreachable. However the most interesting part is that they reported that many of the lost net sites flare into life briefly when being used to send spam or to launch attacks on other parts of the net."
This discussion has been archived. No new comments can be posted.

5% of the Net is Unreachable

Comments Filter:
  • Then again, the figure would have been more like 50% in that case...
  • Ironic (Score:5, Funny)

    by Scutter (18425) on Wednesday December 26, 2001 @11:40AM (#2751879) Journal
    That link appears to be unreachable from my network.
    • Re:Ironic (Score:2, Funny)

      by homebru (57152)
      That link appears to be unreachable from my network.

      Right now, I can't get to BBC [bbc.co.uk], The Guardian [guardian.co.uk], or The Register [theregister.co.uk].

      Maybe they've shut the uk domain down for boxing day.

      • by Anonymous Coward
        whois theregister.co.uk

        Domain Name: THEREGISTER.CO.UK

        Registered For: The Register

        Domain Registered By: DETAGGED

        Record last updated on 24-Dec-2001 by .

        Domain servers listed in order:

        WHOIS database last updated at 08:21:01 26-Dec-2001
    • This is funny because nobody goes to my website... I guess I'm unreachable.
  • by Brento (26177) <.moc.razotnerb. .ta. .otnerb.> on Wednesday December 26, 2001 @11:41AM (#2751881) Homepage
    The article also reports that approximately 13% of network admins are unreachable. These are the same people believed to be responsible for leaving Windows NT/2000 machines serving web pages without any service packs or security patches. These admins surface from time to time when they respond to said spam.
  • Unreachable? (Score:4, Insightful)

    by WinstonSmith (69165) on Wednesday December 26, 2001 @11:41AM (#2751884)
    If it is unreachable, is it really part of the Internet?

    When I turn off my router, I don't really consider my home machines part of the Internet even though they are running and connected by a physicall wire.
    • Re:Unreachable? (Score:5, Insightful)

      by d5w (513456) on Wednesday December 26, 2001 @11:52AM (#2751928)
      If it is unreachable, is it really part of the Internet?
      Check out the Arbor Networks [arbornetworks.com] presentation [arbornetworks.com] the BBC is referring to. Their definition of "dark address spaces" is
      "The range of topology accessible from one provider, but unreachable via one or more competitor networks"
      So, yes, these addresses are reachable by someone, just not by everyone.
      • by Anonymous Coward
        Yeah, but I believe the question was 'If it is unreachable, is it really part of the Internet? '. And as soon as you think about it, post a reply to the 'falling tree in the forest' question, and might want to touch on the 'chicken before egg' problem, and while you at it, we would all like to know if the Hitch Hikers Guild to the Galaxy is correct about 'the answer to life'.
    • Re:Unreachable? (Score:3, Insightful)

      by Kirruth (544020)
      You can reach these "dark spaces" if you know what you are doing. The simplest way is to use an http proxy (or tracert host) in another part of the net, or just use another isp. They are not unreachable in that sense, even though the default route from where you are may not work.

      Spammers or system crackers often seem to do the trick of hacking into a set of home user broadband machines, I guess using a trojan or worm, turning them into a chain of proxies, then nailing the router between the last of the proxies and the rest of the net. In this way they make their own dark space.

      • Except using an HTTP proxy won't always work due to the fact that "The Internet"(resounding boom) is not made up of merely web servers.
  • by fader (107759) <fader&hotpop,com> on Wednesday December 26, 2001 @11:41AM (#2751886) Homepage
    Here, let me sum up for you.

    Spammers hide on the 'net by playing with unsecured routers.

    What worries me is that it took someone three years to figure this out...
    • by satch89450 (186046) on Wednesday December 26, 2001 @01:40PM (#2752297) Homepage

      What worries me is that it took someone three years to figure this out...

      I think you may have jumped to a wrong conclusion here. It didn't take three years to figure out that spammers play around with unsecured routers. It took three years to prove via experiment and measurement the extent of the problem, and to quantify the extent of the problem.

      When the little boy has cried "Wolf!" often enough, the lone cry is quickly ignored. When the little boy then yells "Wolf, range 600, bearing 219" the cry takes on a bit more significance, don't you think?

      If you can't measure it, it's opinion not science. (No, I can't find who said it first -- it's not original with me.)

      • If you can't measure it, it's opinion not science. (No, I can't find who said it first -- it's not original with me.)
        My recollection was that Lord Kelvin was the originator. A quick search with Google turned up this Kelvin quote (among others that are more entertaining :-))
        I often say that when you can measure what you are speaking about, and express it in numbers, you know something about it; but when you cannot measure it, when you cannot express it in numbers, your knowledge is of a meagre and unsatisfactory kind; it may be the beginning of knowledge, but you have scarcely in your thoughts advanced to the state of Science, whatever the matter may be.
    • You say "spammers hide"? They don't. I am puzzled how to fight a dedicated spam-ISP like this one [web-jet.com] who offers "safe haven" for all bulk-mail senders that were kicked out from other ISPs. Can I make THEIR portion of internet unreachable?
    • it didn't take 3 years. It was already discussed here [slashdot.org]
  • by Inthewire (521207) on Wednesday December 26, 2001 @11:42AM (#2751887)
    ...the article says those sites are "old" and "unlisted due to age" (not direct quotes)

    Maybe they just, um, are delisted due to paranoia, perhaps justified?
  • Only 5%? (Score:5, Funny)

    by at_18 (224304) on Wednesday December 26, 2001 @11:42AM (#2751889) Journal
    That's funny, when I try to send replies to all my spam, it seems that 100% of the net is unreachable...
  • I own a site which could, for all intents and purposes could be called a 'lost site'. It's a domain which is virtually inactive (mainly because, quite frankly, I'm a lazy bastard).

    Most of the time, don't give genius the credit when stupidity could do.

    Now, I've been atacked by these spamholes as well. There's nothing like hijacking a DNS server.. oops..
  • Does this explain why www.theregister.co.uk is returning NXDOMAIN?

    I've certainly noticed problems resolving various places from .au recently, and put it down to holidays being had by people who usually boot broken kit.
    • Does this explain why www.theregister.co.uk is returning NXDOMAIN?

      I've certainly noticed problems resolving various places from .au recently, and put it down to holidays being had by people who usually boot broken kit.

      After they switched our cable modem over to AT&T's new network from Excite, I noticed that even though they were dynamically assigning the router 5 different DNS servers on widely disparate networks, I still couldn't resolve regular sites like slashdot [slashdot.org] or CNN [cnn.com]. Just errored out.

      Did Excite do some sort of large scale public service that I'm unaware of? Were they providing really top of the line DNS service and I was just too dumb to realize it?

      Doesn't this sound like a country song... "Didn't know what good DNS I had, until it was gone..."

      Maybe it's time I press this old windows box into service as a public DNS server. I mean, small contributions make the world go around, right? I bet I could get redhat running in an hour or less...

      This just proves, an idle mind is the devil's workshop...
    • I've noticed www.theregister.co.uk has been down for awhile to.

      Does anybody no what is happening?
    • by Anonymous Coward
      I noticed this last night, too, so I did some whois-es, and went to the website of their registrar, and it appears that their registration has lapsed or something. (Nasty Christmas surprise.)

      I resisted the temptation to re-register the domain for them for $6.75 per annum, as it would probably cause too much trouble, and I have no idea what their DNS servers are, etc.
    • Through the cunning use of http://www.nic.uk I have determined that theregister.co.uk has been detagged:

      http://www.nic.uk/cgi-bin/whois.cgi?query=thereg is ter.co.uk

      .co.uk domains are linked to an isp by tags. the isp then sets things like the name servers and stuff. Detagging happens when you no longer want a domain, your isp is crap, or there is some sort of contract/legal dispute going on. Lets hope it was just the isp being crap.

      I look forwarding to reading theregister's first article once their site goes live again. Last time they had problems (with a router iirc) the article about it was the best laugh i had in ages (sad i know).

      --dan
      ps. the parent may be offtopic but this post is not offtopic as a reply to its parent :o)
  • Okay, so what happens if I happen to be in that 5% of the net? 95% of the net is cut off for me? Is this the case, or have I made a mistake in understanding it?
    • In some cases yes, in some cases no.

      In the case of waring ISPs mentioned in the article, you'll see 95% of the net, you won't see the 5% served by the other ISP.

      If you're behind a hacked router then you might see all the net you might not. Most likely you won't see anything.

      There's also the case of companies that had IP addresses assigned to them, that keep them unreachable from outside. Depending on their policies you may not see the net.

      And if you're on an IP address assigned to an ISP or company that ceases to operate, you'll most likely not see the other 95% of the net.

      It all depends on the net, the net isn't all that deterministic. Its kind of like a living organism with a personality you have to beat with a large stick. Usually you apply the stick to your neighbours if you're using a cable modem. Or to your ISPs first tier support (who often need a good thrashing, 'No its not my computer your router isn't working').
  • by mrroot (543673) on Wednesday December 26, 2001 @11:44AM (#2751898)
    5% of all internet sites unreachable?
    ...maybe they were slashdotted
    • They are with me now.
      Thanks for asking
    • Perhaps they should say, "5% of the registered address space is not reachable." Where reachability is determined from inspection of the routing tables from various providers all over the globe.

      I wonder if they took into account the number of address blocks allocated but not assigned and thus not, yet, announced? The last block we were assigned wasn't in the global routing table for several months. And what about NATed networks? Or people who have 50x more addresses than they need (a /24 for an office of seven computers)?
  • by el'gwato (232384) <djukes@sols.uq.edu.au> on Wednesday December 26, 2001 @11:47AM (#2751906) Homepage
    My war on spam begins with all Spammers, but it does not end there. It will not end until every spamming group of global reach has been found, stopped and defeated.

    These spamists spam not merely to waste bandwidth, but to disrupt and end a way of life. With every piece of unsolicited mail, they hope that genuine e-mailers grow fearful, retreating from cyber space and forsaking news groups. They stand against me, because I stand in their way.

    I am not deceived by their pretenses to piety. I have seen their kind before. They are the heirs of all the spamist ideologies of the 20th century. By sacrificing bandwidth to serve their advertising visions -- by abandoning every value except the will to power -- they follow in the path of fascism, and Nazism, and totalitarianism. And they will follow that path all the way, to where it ends: in history's unmarked grave of discarded trash cans.

    My response involves far more than instant retaliation and isolated replies.
    I should not expect one battle, but a lengthy campaign, unlike any other we have ever seen. It may include dramatic e-mails to ISP's, visible to News groups, and covert operations, secret even in success. I will starve spamists of funding, turn them one against another, drive them from ISP to ISP, until there is no refuge or no rest. And I will pursue ISP's that provide aid or safe haven to spammers. Every ISP, in every region, now has a decision to make. Either you are with me, or you are with the spamists.

    From this day forward, any ISP that continues to harbor or support spamists will be regarded by me as a hostile regime.
    • You forget to include the vilest -ism of all, now dead for the most parts: communism.
    • lol

      That shit was just too funny.... :)
  • by mrroot (543673) on Wednesday December 26, 2001 @11:47AM (#2751907)
    at any given time, 5% of all the Windows servers out there are busy rebooting
  • Sites behind NAT (Score:3, Insightful)

    by category9 (521982) on Wednesday December 26, 2001 @11:48AM (#2751910) Homepage
    I'd wager a great deal more than 5% is inaccessible if you count all the home sites locked away behind nat firewalls. Once we all start getting hundreds of IPv6 addresses at home, we'll start to see hundreds more small home/user sites popping up. This could greatly change the structure of the net, once again breaking away from the central information resources we are beggining to solely rely on and start using small independent resources much more.
    • by madcoder47 (541409)
      IPv6 is going to take forever to implement! The whole net infrastructure is IPv4, and to upgrade software, NICs, Routers, Firmware-of-net-devices and the like will cost fortunes and be a lengthy switch. sure I'd love to see the day when we all can have 100s of IPs, but i dont think it will happen soon.
      • Re:Sites behind NAT (Score:2, Interesting)

        by category9 (521982)
        I think the evolution of IPv6 will take place in new networks, for example 3G mobile nets. Over time this new networks will take over the old ones, and one by one IPv6 nets will become obselete and switched off. I'll agree that a large number of networks will convert from v4 to v6, for example academic networks, but most will just fade into the past. Perhaps one day the v4 internet will become a cult network once again ruled by the hackers that invented it.
    • I'd wager a great deal more than 5% is inaccessible if you count all the home sites locked away behind nat firewalls. Once we all start getting hundreds of IPv6 addresses at home, we'll start to see hundreds more small home/user sites popping up. This could greatly change the structure of the net, once again breaking away from the central information resources we are beggining to solely rely on and start using small independent resources much more.

      I don't think that being behind a NAT device constitutes being "unreachable". granted, you're reachability is governed by policies with NAT, but that's an administrative matter, not a Layer3 (IP) reachability issue.


    • I'd wager a great deal more than 5% is inaccessible if you count all the home sites locked away behind nat firewalls.


      Jesus, no-one else has picked up on this. This is a dangerous myth. NAT IS NOT A FIREWALL. NAT IS NOT A SECURITY DEVICE. NAT'd MACHINES CAN STILL BE CRACKED FROM THE PUBLIC NET.


      If you think I'm wrong, I suggest you dig out some networking docs and look for proof that I'm wrong....

  • Hijacked IP-Blocks (Score:1, Interesting)

    by twstdr00t (78288)
    Couldn't this be part of the IP-blocks that just appear and disappear mostly for sending spam?
  • Route Distribution (Score:2, Informative)

    by madcoder47 (541409)
    a split could become a serious threat to the internet as it expands. With ISPs choosing higher capacity lines in order to keep their customers happy, the companies with the fattest pipes will get all the connections. If the routers that control the traffic on these high bandwidth lines get overloaded or hacked, there is a potential for the internet to split apart.
  • A different theory (Score:5, Interesting)

    by ackthpt (218170) on Wednesday December 26, 2001 @11:54AM (#2751939) Homepage Journal
    If 5% is unreachable then it's not part of the net. So, at all times 100% is reachable, the net is just variable in size.

    I've run into sites which are up or down and often they're in a small shop and they actually power down their server (or it happens with a power/service outage) Lots of broken links on images. It would be interesting to see a statistic on how many pages which are technically non-functional still exist, i.e. with parts unable to display due to broken links, from sites gone away or pages moved but links not updated (which even M$N does from time to time)

  • Pardon? (Score:4, Informative)

    by justinstreufert (459931) on Wednesday December 26, 2001 @11:56AM (#2751947) Homepage
    This instantly strikes me as sort of dumb. Unreachable? By whom? In what way? What were the methods? Are you talking about IP addresses or domain names? Did you take into account:
    • Unallocated IP blocks
    • Unused allocated blocks that are being sat on by their owners
    • Dialup, DSL and Cable-modem users
    • Sites that are down
    • Sites that do not accept ICMP (or whatever protocol they used)
    • Desktop computers that people turn off
    • Firewalls that pretend they don't exist

    The problem with lost peering agreements between ISPs causing partial 'net outages is well-understood. So what exactly have they measured here?! Seems like a shaky story to get one's name in the news.


    Justin

    • Re:Pardon? (Score:3, Interesting)

      by phred (14852)
      Next time you spout off, maybe you might think about actually researching the subject first. This whole story is based on a paper [nanog.org] that was presented at the October NANOG conference.

      You do a disservice to the memory of Abha Ahuja with your uninformed yelping. This had nothing to do with a cheap gimmick to get publicity.

      --------
  • by ethaz (413842) on Wednesday December 26, 2001 @11:57AM (#2751950)
    I can't tell you how often I have had customers demand public IP addresses for a private Frame Relay network with no Internet connection.



    More than once, I've said "Here you are, you get an entire Class A because we think you are so great. Your adresses are 10.x.x.x"

    • Which is fine until they decide they do want to route to the Internet...
      • And they believe that their 10.x.x.x network is a real IP address...and you have to try to explain that no...it's a unroutable and unusable address and they must either renumber everything or run some sort of address translation.
    • Sure, these days just about everybody uses firewalls, so the only parts appearing to the outside world are a few addresses for the outside of the firewall (one or more, depending on geographical diversity, backup needs, etc.) You can use RFC1918 internally, but if you're mostly connecting to the outside, sometimes it does make sense to use registered addresses, especially if you think you'll change from using that frame relay network to VPNs or some other architecture in a year or two, or if you think you might merge with another company.

      Whenever I use 10.x addresses, I never use 10.1.*.* - 10.10.*.*, and usually pick a random number to subnet under (10.RAND.*.*) so that if I have to merge it with another numbering system, there's less chance of collisions, renumbering, NAT, etc.

  • by Goldenhawk (242867) on Wednesday December 26, 2001 @11:59AM (#2751957) Homepage
    ... that much spam could be identified and stopped more easily by careful tracking of the routing information. The article (actually you have to follow the PDF link to get the real information, not just the executive summary) points out that much of the spam identified came from sites that were established and routed, then sent out the spam, and then shut down again immediately.

    Seems to me that you could make some progress against the spam by simply refusing any email from a domain that hadn't been recognized on the net for at least several days or maybe weeks.

    If you haven't followed the PDF link, there are some interesting time history graphs of various routing parameters. Worth checking out.
  • repeated article... (Score:5, Informative)

    by Raleel (30913) on Wednesday December 26, 2001 @12:04PM (#2751975)
    actually,a BBC rehash of an article that was up a month ago

    http://slashdot.org/article.pl?sid=01/11/15/0517 23 7&mode=thread
    • actually,a BBC rehash of an article that was up a month ago
      http://slashdot.org/article.pl?sid=01/11/15/051723 7 [slashdot.org]

      Be kind, everyone is still hunge over from xmas egg nog, etc.

      • No don't be kind. Be critical that is how things get better. I realized that this was a repeat right away. Do the people who authorize stories read slashdot? I don't mean to be an ass but this was pretty recent. I don't mind so much when i see a story that i remember from 2 years ago but this was too recent. Being able to remember stories from less than two months ago seems pretty easy. Furthermore is it so hard to search slashdot? And finally this story sucked, atleast the bbc coverage did. Even the ppt slides that the arbor people published are lacking in details. Not like anyone read the real data. But come on imagine if every story that got posted on slashdot got followed up a month later with a crappeir report of the same shit.
        Thank god kuro5hin is back...
  • If only (Score:4, Funny)

    by gila_monster (544999) <traveler...in...black+sd@@@gmail...com> on Wednesday December 26, 2001 @12:17PM (#2752009) Homepage
    it happened to be the 5% not worth viewing.
  • I mean, how could there be any other answer?

  • by gvonk (107719) <<moc.knovtterrag> <ta> <todhsals>> on Wednesday December 26, 2001 @12:19PM (#2752019) Homepage
    "So when they counted the census results last year, they noticed that 1.5 to 2 percent of the population went uncounted.... How do they know that?"
  • Ummm.... (Score:2, Insightful)

    by NiftyNews (537829)
    How exactly does one define any part of the net as "unreachable?" Doesn't the term "internet" imply that it is available on the network?

    Seems kinda silly if you ask me. Why not declare that 59.28% of the internet is unreachable? Why not 600%? They're all equally unprovable and meaningless ;)

  • by quakeaddict (94195) on Wednesday December 26, 2001 @12:23PM (#2752024)
    Thats the @home Part of the Internet....

    enough said.
  • A similar article was posted [slashdot.org] here recently...
  • by Mr.Ned (79679)
    Wait... so 5% of the net is avalible on the Slashdot home page at any given time?
  • Priorities (Score:5, Funny)

    by r_j_prahad (309298) <r_j_prahad AT hotmail DOT com> on Wednesday December 26, 2001 @12:48PM (#2752113)
    The only time I worry is when 127.0.0.1 becomes unreachable.
  • Research paper (Score:4, Informative)

    by hearingaid (216439) <redvision@geocities.com> on Wednesday December 26, 2001 @12:55PM (#2752139) Homepage

    It's irritating how people don't even read the BBC quick-article, but for those who actually want to know what the researchers figured out: the paper is here; [arbor.net] it's in Acrobat format, sigh.

  • by Wakko Warner (324) on Wednesday December 26, 2001 @01:08PM (#2752177) Homepage Journal
    Seriously, I could've told you that 5% of the net is unreachable at any given time. It's called "PPP Connections". This is some sort of breakthrough research?

    - A.P.
  • by Rasvar (35511) on Wednesday December 26, 2001 @01:15PM (#2752207)
    is an XP box that I refuse to leave powered up when I am not using it. Nothing like a patch a day security.
  • by sh0rtie (455432) on Wednesday December 26, 2001 @01:35PM (#2752281)
    For those that don't have access to that disgusting PDF Adobe file format, here is a link to a plain html [google.com] version.
  • Hmmm.... (Score:2, Redundant)

    by jgerman (106518)
    If it's unreachable, it's not part of the net. Hence the word network. Therefore no part of the net is unreachable.
  • by Darth RadaR (221648) on Wednesday December 26, 2001 @02:09PM (#2752402) Journal
    Maybe it's just the 5% of pr0n sites that they don't have passwords to?
    :^)
  • by tadas (34825) on Wednesday December 26, 2001 @02:40PM (#2752504)
    It's gotta be more than 5%. I generally can't connect to *any* link on the front page of this site...
  • How about everyone spend an hour or two on the first Saturday of every quarter working on 'hurting' all the SPAMMERS in their mailbox?

    Hurt could be legal (complaints, blocking, etc), quasi-legal (nmap, ping attacks, etc) or illegal (kill the bastards and drag their guts down the block as an example of what could happen to spammers in the future). Let your rules of engagement be your guide.

    If we all spent 1-2 hours on this four times in 2002, I'll guess that there would be fewer spammers in the trade by the end of the year, not more.

    Thoughts? I'll stay legal for the moment.

    -- Multics

    • Until this point, I have tried to stay out of the active spam-hunting role, as it seems to be an awful lot of time and energy expelled in the wrong direction.

      That said, I got all my spams in threes this morning, and they were all individually addressed to me (rather than BCC'd), which meant I actually had to look at them. What's worse is that all three of the addresses that they were sent to were dummy addresses on my domain, used only once, in this article [slashdot.org]!

      Nice to see that the spam spiders are hitting /. articles on spam!! :(

      So yes, today I think I'm quite willing to get on board the spam battle. It seems that having an unmunged email address appear on /. even ONCE is enough to get it picked up and raped.
  • by Animats (122034) on Wednesday December 26, 2001 @03:26PM (#2752689) Homepage
    The MILNET side of the Internet still uses fixed "hosts.txt" tables to some extent, rather than domain name servers. This keeps critical communications going even if DNS is messed up. (The DDN people never really liked BIND, which they didn't contract for; Berkeley did it on their own, without thinking through the security issues.)

    MILNET uses IP addresses in the same space as the public Internet. The MILNET is normally connected to the rest of the Internet through gateways, but during crisis periods, those gateways are sometimes turned off. After September 11th, much of the MILNET was inaccessable from the public Internet for a day or two. That may be what those researchers saw.

  • Slashdot on Exodus (Score:4, Informative)

    by fliplap (113705) on Wednesday December 26, 2001 @04:07PM (#2752829) Homepage Journal
    At the momement, Slashdot, as well as many other Exodus hosted sites such as google and ebay are completely unreachable from many parts of the net. I'm typing this via lynx ssh'd into my account at ASU and I am for some reason able to reach them. It appears that anyone currently on the @home network is unable to reach exodus sites, as well as anyone on the axinet network. I can't confirm anyone else's problems but this is what I've seen.
    At first I though thats what this story was refering to

  • Even worse (Score:3, Funny)

    by rudy_wayne (414635) on Wednesday December 26, 2001 @04:12PM (#2752848)
    Even worse than the 5% that is unreachable is the 90 percent that is unusable.
  • ummmm (Score:2, Informative)

    didn't this same topic come up just a brief while ago? I'm not going to bother looking up the link, but if I can remember it as a simple user, I should hope the editors can...
  • Sites blocked by realtime black list may be unreachable by much of the net because a backbone provider is dropping all the packets from that site. This would make the site invisible past the backbone provider subscribing to the blacklist. Thank goodness someone has the gumption to prevent network degradation from sites that spew massive junk and bandwidth on the net.

PLUG IT IN!!!

Working...