5% of the Net is Unreachable

dasheiff writes "A BBC Story says US researchers reveal that up to 5% of the internet is completely unreachable. However the most interesting part is that they reported that many of the lost net sites flare into life briefly when being used to send spam or to launch attacks on other parts of the net."

Ironic

[Scutter]

That link appears to be unreachable from my network.

In related news...

[Brento]

The article also reports that approximately 13% of network admins are unreachable. These are the same people believed to be responsible for leaving Windows NT/2000 machines serving web pages without any service packs or security patches. These admins surface from time to time when they respond to said spam.

Unreachable?

[WinstonSmith]

If it is unreachable, is it really part of the Internet?

When I turn off my router, I don't really consider my home machines part of the Internet even though they are running and connected by a physicall wire.

Re:Unreachable?

[d5w]

If it is unreachable, is it really part of the Internet?

Check out the Arbor Networks presentation the BBC is referring to. Their definition of "dark address spaces" is

"The range of topology accessible from one provider, but unreachable via one or more competitor networks"

So, yes, these addresses are reachable by someone, just not by everyone.

Re:Unreachable?

[Kirruth]

You can reach these "dark spaces" if you know what you are doing. The simplest way is to use an http proxy (or tracert host) in another part of the net, or just use another isp. They are not unreachable in that sense, even though the default route from where you are may not work.

Spammers or system crackers often seem to do the trick of hacking into a set of home user broadband machines, I guess using a trojan or worm, turning them into a chain of proxies, then nailing the router between the last of the proxies and the rest of the net. In this way they make their own dark space.

Content-free article

[fader]

Here, let me sum up for you.

Spammers hide on the 'net by playing with unsecured routers.

What worries me is that it took someone three years to figure this out...

Re:Content-free article

[satch89450]

What worries me is that it took someone three years to figure this out...

I think you may have jumped to a wrong conclusion here. It didn't take three years to figure out that spammers play around with unsecured routers. It took three years to prove via experiment and measurement the extent of the problem, and to quantify the extent of the problem.

When the little boy has cried "Wolf!" often enough, the lone cry is quickly ignored. When the little boy then yells "Wolf, range 600, bearing 219" the cry takes on a bit more significance, don't you think?

If you can't measure it, it's opinion not science. (No, I can't find who said it first -- it's not original with me.)

The article mentions US military sites

[Inthewire]

...the article says those sites are "old" and "unlisted due to age" (not direct quotes)

Maybe they just, um, are delisted due to paranoia, perhaps justified?

Only 5%?

[at_18]

That's funny, when I try to send replies to all my spam, it seems that 100% of the net is unreachable...

slashdotted?

[mrroot]

5% of all internet sites unreachable?
...maybe they were slashdotted

Spammers, may they rest in the damnation of hell

[el'gwato]

My war on spam begins with all Spammers, but it does not end there. It will not end until every spamming group of global reach has been found, stopped and defeated.

These spamists spam not merely to waste bandwidth, but to disrupt and end a way of life. With every piece of unsolicited mail, they hope that genuine e-mailers grow fearful, retreating from cyber space and forsaking news groups. They stand against me, because I stand in their way.

I am not deceived by their pretenses to piety. I have seen their kind before. They are the heirs of all the spamist ideologies of the 20th century. By sacrificing bandwidth to serve their advertising visions -- by abandoning every value except the will to power -- they follow in the path of fascism, and Nazism, and totalitarianism. And they will follow that path all the way, to where it ends: in history's unmarked grave of discarded trash cans.

My response involves far more than instant retaliation and isolated replies.
I should not expect one battle, but a lengthy campaign, unlike any other we have ever seen. It may include dramatic e-mails to ISP's, visible to News groups, and covert operations, secret even in success. I will starve spamists of funding, turn them one against another, drive them from ISP to ISP, until there is no refuge or no rest. And I will pursue ISP's that provide aid or safe haven to spammers. Every ISP, in every region, now has a decision to make. Either you are with me, or you are with the spamists.

From this day forward, any ISP that continues to harbor or support spamists will be regarded by me as a hostile regime.

maybe it's because

[mrroot]

at any given time, 5% of all the Windows servers out there are busy rebooting

Re:maybe it's because

[NerdSlayer]

at any given time, 5% of all the Windows servers out there are busy rebooting.

I think it's closer to 3%, actually. Slashdot is linking to the other 2%.

Sites behind NAT

[category9]

I'd wager a great deal more than 5% is inaccessible if you count all the home sites locked away behind nat firewalls. Once we all start getting hundreds of IPv6 addresses at home, we'll start to see hundreds more small home/user sites popping up. This could greatly change the structure of the net, once again breaking away from the central information resources we are beggining to solely rely on and start using small independent resources much more.

A different theory

[ackthpt]

If 5% is unreachable then it's not part of the net. So, at all times 100% is reachable, the net is just variable in size.

I've run into sites which are up or down and often they're in a small shop and they actually power down their server (or it happens with a power/service outage) Lots of broken links on images. It would be interesting to see a statistic on how many pages which are technically non-functional still exist, i.e. with parts unable to display due to broken links, from sites gone away or pages moved but links not updated (which even M$N does from time to time)

Pardon?

[justinstreufert]

This instantly strikes me as sort of dumb. Unreachable? By whom? In what way? What were the methods? Are you talking about IP addresses or domain names? Did you take into account:

• Unallocated IP blocks
  
• Unused allocated blocks that are being sat on by their owners
  
• Dialup, DSL and Cable-modem users
  
• Sites that are down
  
• Sites that do not accept ICMP (or whatever protocol they used)
  
• Desktop computers that people turn off
  
• Firewalls that pretend they don't exist
  

The problem with lost peering agreements between ISPs causing partial 'net outages is well-understood. So what exactly have they measured here?! Seems like a shaky story to get one's name in the news.

Justin

Re:Pardon?

[phred]

Next time you spout off, maybe you might think about actually researching the subject first. This whole story is based on a paper that was presented at the October NANOG conference.

You do a disservice to the memory of Abha Ahuja with your uninformed yelping. This had nothing to do with a cheap gimmick to get publicity.

--------

Public addresses on Private networks

[ethaz]

I can't tell you how often I have had customers demand public IP addresses for a private Frame Relay network with no Internet connection.

More than once, I've said "Here you are, you get an entire Class A because we think you are so great. Your adresses are 10.x.x.x"

This leads to an interesting possibility

[Goldenhawk]

... that much spam could be identified and stopped more easily by careful tracking of the routing information. The article (actually you have to follow the PDF link to get the real information, not just the executive summary) points out that much of the spam identified came from sites that were established and routed, then sent out the spam, and then shut down again immediately.

Seems to me that you could make some progress against the spam by simply refusing any email from a domain that hadn't been recognized on the net for at least several days or maybe weeks.

If you haven't followed the PDF link, there are some interesting time history graphs of various routing parameters. Worth checking out.

Re:This leads to an interesting possibility

[jdavidb]

The PDF link is over in the sidebar; I didn't even see it until you mentioned it.

repeated article...

[Raleel]

actually,a BBC rehash of an article that was up a month ago

http://slashdot.org/article.pl?sid=01/11/15/0517 23 7&mode=thread

If only

[gila_monster]

it happened to be the 5% not worth viewing.

Reminds me of George Carlin

[gvonk]

"So when they counted the census results last year, they noticed that 1.5 to 2 percent of the population went uncounted.... How do they know that?"

Thats the @home Part of the Internet

[quakeaddict]

Thats the @home Part of the Internet....

enough said.

Priorities

[r_j_prahad]

The only time I worry is when 127.0.0.1 becomes unreachable.

Research paper

[hearingaid]

It's irritating how people don't even read the BBC quick-article, but for those who actually want to know what the researchers figured out: the paper is here; it's in Acrobat format, sigh.

People get paid to run "ping"? This is research?

[Wakko+Warner]

Seriously, I could've told you that 5% of the net is unreachable at any given time. It's called "PPP Connections". This is some sort of breakthrough research?

- A.P.

My part of the 5%

[Rasvar]

is an XP box that I refuse to leave powered up when I am not using it. Nothing like a patch a day security.

Link to html version of report

[sh0rtie]

For those that don't have access to that disgusting PDF Adobe file format, here is a link to a plain html version.

How unreachable?

[Darth+RadaR]

Maybe it's just the 5% of pr0n sites that they don't have passwords to?
:^)

5% ? It's a lot more!

[tadas]

It's gotta be more than 5%. I generally can't connect to *any* link on the front page of this site...

Re:Spammers, may they rest in the damnation of hel

[geekoid]

The fact the the company works for, may or may not making tools used for spamming, the outcry from the community is over something for more important the anti-spamming, basic civil rights.

I's rather get 50 pieces of spam in my email, then 1 piece of junk snail mail.

The way to slowdown spamming is control, not outlaw. If you outlaw spamming, you will be outlawing anything similiar to it regardless of intentions. This will have an impact on free speech, on others beside spammers.

We also need an official definition of "spam" put before congress, before ANY laws or actions are taken.
Is it spam if it's primary use is to make money?
is sending you a joke spam?
Is sending you a political announcement spam?
IS sending you any email you didn't explicitly ask for spam?

Don't get me wrong, I don't like unsolicited email from certain groups, I just feel we need to exam and define what spam is, and consider possible unexpected consquence before we make laws.

Re:NXDOMAIN for theregister.co.uk

[dun0s]

Through the cunning use of http://www.nic.uk I have determined that theregister.co.uk has been detagged:

http://www.nic.uk/cgi-bin/whois.cgi?query=thereg is ter.co.uk

.co.uk domains are linked to an isp by tags. the isp then sets things like the name servers and stuff. Detagging happens when you no longer want a domain, your isp is crap, or there is some sort of contract/legal dispute going on. Lets hope it was just the isp being crap.

I look forwarding to reading theregister's first article once their site goes live again. Last time they had problems (with a router iirc) the article about it was the best laugh i had in ages (sad i know).

--dan
ps. the parent may be offtopic but this post is not offtopic as a reply to its parent :o)

MILNET doesn't rely on DNS

[Animats]

The MILNET side of the Internet still uses fixed "hosts.txt" tables to some extent, rather than domain name servers. This keeps critical communications going even if DNS is messed up. (The DDN people never really liked BIND, which they didn't contract for; Berkeley did it on their own, without thinking through the security issues.)

MILNET uses IP addresses in the same space as the public Internet. The MILNET is normally connected to the rest of the Internet through gateways, but during crisis periods, those gateways are sometimes turned off. After September 11th, much of the MILNET was inaccessable from the public Internet for a day or two. That may be what those researchers saw.

Slashdot on Exodus

[fliplap]

At the momement, Slashdot, as well as many other Exodus hosted sites such as google and ebay are completely unreachable from many parts of the net. I'm typing this via lynx ssh'd into my account at ASU and I am for some reason able to reach them. It appears that anyone currently on the @home network is unable to reach exodus sites, as well as anyone on the axinet network. I can't confirm anyone else's problems but this is what I've seen.
At first I though thats what this story was refering to

Even worse

[rudy_wayne]

Even worse than the 5% that is unreachable is the 90 percent that is unusable.

Re:First Saturday of Every Quarter

[nyquist_theorem]

Until this point, I have tried to stay out of the active spam-hunting role, as it seems to be an awful lot of time and energy expelled in the wrong direction.

That said, I got all my spams in threes this morning, and they were all individually addressed to me (rather than BCC'd), which meant I actually had to look at them. What's worse is that all three of the addresses that they were sent to were dummy addresses on my domain, used only once, in this article!

Nice to see that the spam spiders are hitting /. articles on spam!! :(

So yes, today I think I'm quite willing to get on board the spam battle. It seems that having an unmunged email address appear on /. even ONCE is enough to get it picked up and raped.

Re:ummmm

[billn]

Yes, this is a reprint of an older story, found here.

Laws are the wrong answer

[HiThere]

Laws are definitely the wrong answer.

The right answer is a configurable e-mail filtering system. With certain pre-programmed options. And easy customization. And PERHAPS a neural net that can learn what it considered spam (or, perhaps better?, not spam).

It needs to be cross-platform. It needs to be able to work with MSIE. It may be MSIEvil, but it's the predominating e-mail recipient.

This doesn't get around the need to receive the verfluct stuff, but if the job is done well enough, it will get around the yammering for more laws. People should be able to set their own priorities. (If it were easy enough, I'd automatically reject anything that was predominately non-indoeuropean letters. I don't read Japanese, Chinese, and whatever those other languages are, so it would be nice to avoid them. But sofar I haven't bothered figuring out how to reject them before reading.)

I can't even imagine any way to reject the garbage without receiving it, except rejecting based on ISP, sender, addressee (e.g., list suppressed), subject, or date. And that's not usually enough to go on. But sometimes it is, and it would be nice to delete those before downloading them.
.