5% of the Net is Unreachable

dasheiff writes "A BBC Story says US researchers reveal that up to 5% of the internet is completely unreachable. However the most interesting part is that they reported that many of the lost net sites flare into life briefly when being used to send spam or to launch attacks on other parts of the net."

The article mentions US military sites

[Inthewire]

...the article says those sites are "old" and "unlisted due to age" (not direct quotes)

Maybe they just, um, are delisted due to paranoia, perhaps justified?

Well.. not all of us are bad.

[d.valued]

I own a site which could, for all intents and purposes could be called a 'lost site'. It's a domain which is virtually inactive (mainly because, quite frankly, I'm a lazy bastard).

Most of the time, don't give genius the credit when stupidity could do.

Now, I've been atacked by these spamholes as well. There's nothing like hijacking a DNS server.. oops..

Route Distribution

[madcoder47]

a split could become a serious threat to the internet as it expands. With ISPs choosing higher capacity lines in order to keep their customers happy, the companies with the fattest pipes will get all the connections. If the routers that control the traffic on these high bandwidth lines get overloaded or hacked, there is a potential for the internet to split apart.

Pardon?

[justinstreufert]

This instantly strikes me as sort of dumb. Unreachable? By whom? In what way? What were the methods? Are you talking about IP addresses or domain names? Did you take into account:

• Unallocated IP blocks
  
• Unused allocated blocks that are being sat on by their owners
  
• Dialup, DSL and Cable-modem users
  
• Sites that are down
  
• Sites that do not accept ICMP (or whatever protocol they used)
  
• Desktop computers that people turn off
  
• Firewalls that pretend they don't exist
  

The problem with lost peering agreements between ISPs causing partial 'net outages is well-understood. So what exactly have they measured here?! Seems like a shaky story to get one's name in the news.

Justin

Re:Spammers, may they rest in the damnation of hel

[Anonymous Coward]

What are you talking about? That was George W. Bush's speech to the joint houses of Congress a few days after the September 11th attacks. He just replaced terrorists with spamists. As for how many bong hits, 13. George has a very strong constitution and requires many bong hits to get him into full terrorist ass kicking speech mode. He did an excellent job though so I say we send him weed for Christmas.

This leads to an interesting possibility

[Goldenhawk]

... that much spam could be identified and stopped more easily by careful tracking of the routing information. The article (actually you have to follow the PDF link to get the real information, not just the executive summary) points out that much of the spam identified came from sites that were established and routed, then sent out the spam, and then shut down again immediately.

Seems to me that you could make some progress against the spam by simply refusing any email from a domain that hadn't been recognized on the net for at least several days or maybe weeks.

If you haven't followed the PDF link, there are some interesting time history graphs of various routing parameters. Worth checking out.

repeated article...

[Raleel]

actually,a BBC rehash of an article that was up a month ago

http://slashdot.org/article.pl?sid=01/11/15/0517 23 7&mode=thread

Re:NXDOMAIN for theregister.co.uk

[Anonymous Coward]

do a WHOIS on internic.co.uk - the last change to the domain was made on 24th december...

Research paper

[hearingaid]

It's irritating how people don't even read the BBC quick-article, but for those who actually want to know what the researchers figured out: the paper is here; [arbor.net] it's in Acrobat format, sigh.

Link to html version of report

[sh0rtie]

For those that don't have access to that disgusting PDF Adobe file format, here is a link to a plain html [google.com] version.

Re:whois theregister.co.uk

[Anonymous Coward]

whois theregister.co.uk

Domain Name: THEREGISTER.CO.UK

Registered For: The Register

Domain Registered By: DETAGGED

Record last updated on 24-Dec-2001 by .

Domain servers listed in order:

WHOIS database last updated at 08:21:01 26-Dec-2001

Re:NXDOMAIN for theregister.co.uk

[dun0s]

Through the cunning use of http://www.nic.uk I have determined that theregister.co.uk has been detagged:

http://www.nic.uk/cgi-bin/whois.cgi?query=thereg is ter.co.uk

.co.uk domains are linked to an isp by tags. the isp then sets things like the name servers and stuff. Detagging happens when you no longer want a domain, your isp is crap, or there is some sort of contract/legal dispute going on. Lets hope it was just the isp being crap.

I look forwarding to reading theregister's first article once their site goes live again. Last time they had problems (with a router iirc) the article about it was the best laugh i had in ages (sad i know).

--dan
ps. the parent may be offtopic but this post is not offtopic as a reply to its parent :o)

MILNET doesn't rely on DNS

[Animats]

The MILNET side of the Internet still uses fixed "hosts.txt" tables to some extent, rather than domain name servers. This keeps critical communications going even if DNS is messed up. (The DDN people never really liked BIND, which they didn't contract for; Berkeley did it on their own, without thinking through the security issues.)

MILNET uses IP addresses in the same space as the public Internet. The MILNET is normally connected to the rest of the Internet through gateways, but during crisis periods, those gateways are sometimes turned off. After September 11th, much of the MILNET was inaccessable from the public Internet for a day or two. That may be what those researchers saw.

known "dead" servers here

[Anonymous Coward]

a list of known spamming websites can be found here [thitcho.com].

Slashdot on Exodus

[fliplap]

At the momement, Slashdot, as well as many other Exodus hosted sites such as google and ebay are completely unreachable from many parts of the net. I'm typing this via lynx ssh'd into my account at ASU and I am for some reason able to reach them. It appears that anyone currently on the @home network is unable to reach exodus sites, as well as anyone on the axinet network. I can't confirm anyone else's problems but this is what I've seen.
At first I though thats what this story was refering to

Re:First Saturday of Every Quarter

[nyquist_theorem]

Until this point, I have tried to stay out of the active spam-hunting role, as it seems to be an awful lot of time and energy expelled in the wrong direction.

That said, I got all my spams in threes this morning, and they were all individually addressed to me (rather than BCC'd), which meant I actually had to look at them. What's worse is that all three of the addresses that they were sent to were dummy addresses on my domain, used only once, in this article [slashdot.org]!

Nice to see that the spam spiders are hitting /. articles on spam!! :(

So yes, today I think I'm quite willing to get on board the spam battle. It seems that having an unmunged email address appear on /. even ONCE is enough to get it picked up and raped.

Re:science

[_Knots]

Nag nag nag.

That's the "inverse" not the "contrapositive."

Statement: P implies Q
Inverse: ~P implies ~Q
Converse: Q imples P
Contrapositive: ~Q implies ~P

Statement is logically equal to its contrapositive (both true or both false), and ditto for inverse and converse.

ummmm

[ealar dlanvuli]

didn't this same topic come up just a brief while ago? I'm not going to bother looking up the link, but if I can remember it as a simple user, I should hope the editors can...