Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Great in theory, better for tyrants in practice (Score 2) 57

by 8-Track (#48586555) Attached to: BGP Hijacking Continues, Despite the Ability To Prevent It
That's a bit dramatic. It's a data set with statements about routing, it doesnt affect BGP directly, that's up to the operator who uses the data. The signatures are there so the user of the data can validate intergrity. If it turns out the system is being abused, operators will simply stop using RPKI data and fall back on whatever they use now (e.g. route objects in the IRR).

Comment Re:RPKI (Score 2) 101

by 8-Track (#46526349) Attached to: Routing and DNS Security Ignored By ISPs
Global RPKI deployment stats can be found here; Europe is doing pretty well, growing at a healthy pace: http://certification-stats.rip... As far as router support goes, Cisco and Juniper are doing a good job with support across the platforms: https://www.ripe.net/lir-servi... But with other vendors, RPKI support is pretty much non-existent. Though it's not a requirements to use RPKI data natively on the router, you can also just use validated ROAs from an API, for example: http://localcert.ripe.net:8088...

Submission + - RIPE region runs out of IPv4 adresses, now allocates from last /8 (ripe.net) 1

Submitted by 8-Track
8-Track writes: The RIPE NCC, the Regional Internet Registry (RIR) for Europe, the Middle East and parts of Central Asia, distributed the last blocks of IPv4 address space from the available pool. This means that we are now distributing IPv4 address space to Local Internet Registries (LIRs) from the last /8. This means that an ISP may receive one /22 allocation (1,024 IPv4 addresses), even if they can justify a larger allocation. This /22 allocation will only be made to LIRs if they have already received an IPv6 allocation from an upstream LIR or the RIPE NCC. Time to move to IPv6!
Image

Controlling Linux Using an Android Phone As Mouse, Keyboard, and Gamepad 93

Posted by timothy from the purely-awesome dept.
beefsack writes "Miniand have demonstrated how to control Linux using a Samsung Galaxy S2. Using an MK802 with the ARM build of Droidmote server bundled into an MK802 Lubuntu image with uinput enabled, Miniand demonstrates (video) using an Android phone as a keyboard, mouse, and gamepad over Wi-Fi to the device." Update: 07/10 00:07 GMT by U L : reader ancienthart pointed toward Premotedroid, an (possibly, I could find no license in the code but the code is there) open source alternative.

Comment There's a working solution out there: RPKI (Score 2) 75

by 8-Track (#39830441) Attached to: Engineers Ponder Easier Fix To Internet Problem
I think the paragraph that says RPKI is complex and deployment has been slow is a lie, quite frankly. The five Regional Internet Registries (RIRs) have been heavily involved in the RPKI system, because they are the authoritative source on who the legitimate holder of a certain IP address block is. They launched a service to facilitate RPKI on January 1st, 2011 and adoption has been incredibly good for such a cutting edge technology (for example compared to IPv6 and DNSSEC). Since the launch, more than 1500 ISPs and large organizations world-wide have opted-in to the system and requested a resource certificate. The service that the RIRs offer, along with several open source packages by third parties for management, ensure that network operators only have to worry about entering data and not any of the crypto, making it robust and easy to use. With their certificate, an ISP can make a validatable claim – known as a Route Origin Authorisation (ROA) – about their prefixes, stating "As the holder of these IP prefixes, I authorize this Autonomous System to originate them". There are over 800 ROAs in the global system, describing more than 2000 prefixes ranging from /24s to /10s, totaling to almost 80 million IPv4 addresses. All in all, RPKI has really good traction and with native router support in Cisco, Juniper and Quagga, this is only getting better. Global deployment statistics can be found here: http://certification-stats.ripe.net/

Submission + - RIRs launch Resource Certification (RPKI) service (h-online.com)

Submitted by 8-Track
8-Track writes: On January 3, 2011, three of the five Regional Internet Registries — RIPE NCC, LACNIC and AfriNIC — launched a Resource Certification service (APNIC already had a system in place, ARIN will follow later in 2011). Resource Certification, or RPKI as it's also known, is aimed at making Internet routing more secure by issuing a digital certificate along with the registration of Internet Number Resources (i.e. IP addresses and AS Numbers). Using this certificate, ISPs can authorise a particular Autonomous System to announce a certain block of their IP addresses by creating a Route Origin Authorisation (ROA) object. Because only the legitimate holder of a block of IP addresses can create a valid ROA, anyone on the internet can verify if a route announcement is coming from the rightful user of the address space. This could mitigate problems like the hijacking of YouTube by Pakistan Telecom in 2008. The system is based on IETF standards coming out of the Secure Inter-Domain Routing working group.

Comment Re:Ill bet this will happen (Score 1) 467

by 8-Track (#30887600) Attached to: IPv4 Free Pool Drops Below 10%, 1.0.0.0/8 Allocated

As a side curiosity, I wonder how many public IPv4 IPs are actually in use.

Check out figure 36 on this page: http://www.potaroo.net/tools/ipv4/ The green line is what has been assigned, the blue line is what is actually announced on the public internet. There are about 50 /8s that have been assigned, but are not used on the public Internet (the purple line). BTW, out of the 256 /8s in IPv4, the maximum number of assignments that can be made is 220, the rest is reserved for other purposes.

Google

Submission + - IPv6 at Google: A Chat With Lorenzo Colitti

Submitted by Alex Band
Alex Band writes: IPv6 Act Now has posted a recent video interview with Google network engineer Lorenzo Colitti, in which he discusses the experience of making Google services available over IPv6. "We're committed to a good user experience and IPv6 will give us that when IPv4 addresses run out," he explains in the video, adding that, "We basically went from zero to being able to serve most Google services over IPv6 to users that had good connectivity in a year and a half. Lots of progress can be made because it's not a huge undertaking." Colitti is the latest to appear on the IPv6 Act Now website. It already features discussions with, for example, IIJ's Randy Bush on IPv6 deployment and Cisco's Patrik Fältström on the role of governments with regards to IPv6. New interviews are released on a regular basis.
It's funny. Laugh.

Submission + - RIPE 55 Sings For IPv6 1

Submitted by
An anonymous reader writes: To promote the switch to IPv6, Gary Feldman gave an exciting performance of "The Day The Routers Died" at the RIPE 55 meeting in Amsterdam. The song (to the tune of "American Pie") included lyrics like "be persuaded to upgrade it or your network will die". Gary received a standing ovation.

Slashdot Top Deals

I never cheated an honest man, only rascals. They wanted something for nothing. I gave them nothing for something. -- Joseph "Yellow Kid" Weil

Close