Slashdot Mirror
Dept. of Defense IPv6 Interoperabilty Test Begins
securitas writes "The Department of Defense has launched Phase I of its delayed IPv6 interoperability test (mirror) in a six-month project dubbed Moonv6. It is the largest North American IPv6 test ever and its goal is to evaluate IPv6 for 'network-centric military operations.'
Phase II was originally scheduled to begin in January 2004 but may be delayed due to the late start of the current test.
'IPv4 addresses are 32 bits long, enough for around 4 billion unique addresses.' In contrast, the IPv6 address length is '128 bits, or 340 billion billion billion billion unique addresses.'
Experts hope this will solve a predicted IP address shortage as more devices are created to use the Internet."
340 billion billion billion billion unique addresses.
That sounds like a number that I'd make up as a kid. "OH YEAH? Well when I grow up I'm going to have 340 billion billion billion billion hundred million thousand dollars!"
-- Dr. Eldarion --
'IPv4 addresses are 32 bits long, enough for around 4 billion unique addresses.' In contrast, the IPv6 address length is '128 bits, or 340 billion billion billion billion unique addresses.'
Once again proving that size does matter.
I hope the DoD test is a suceess. If it is we'll probably see IPv6 testing and rollouts in first other public sectors then the private sector.
Besides more ip addresses, is there any reason to upgrade?
Open Source Java Web Forum with LDAP authentication
I hope the DOD isn't building a network larger than this, why the heck would they waste the money on millions of machines that would be needed to be larger than the 6bone was. I can see claims that it is the largest single entity deployment of IPv6 - now that would be a useful claim
I have mod points and I am not afraid to use them
"Experts hope this will solve a predicted IP address shortage as more devices are created to use the Internet. Otherwise, DOD officials will fast track their Laser Population Control (LPC) program."
The doom & gloom of an exhausted IPv4 address space has been touted every three months for as long as I can remember. Yet all these years later we don't really seem to be any closer to that happening; maybe if we increase the frequency of reporting the address space will actually increase in size, sort of like Superman turning back time by changing the Earth's rotation.
Whatever happened to IPv5? What was special about it?
tasks(723) drafts(105) languages(484) examples(29106)
Either that, or most software will finally learn to adapt to either 2 ways: 1) Automatically learn your IP, or the most likely way 2) Use DNS hostnames. Instead of relying on only IP addresses, most software will simply use a gethostbyname( ) method to automatically learn the IP address.
I thought NAT worked well. That is larger than a mol. Think of it like this some where there are 4billion Universes, and in each of these 4 billion universes, there are 4 billion galexies and in these 4 billion galexies there are 4 billion planets just like our with approximately 4 billion people.
Maybe I am short sighted, but is this really needed? Even if we have nano devices with multiple addresses this is more than will be used. 64 bit would have been over kill. And besides like I said NAT works fine.
I am still not giving up my NAT!
Be it the cause, or just fall-out, I don't see NAT's disapearing. In fact, I see quite the opposite. Now that protocols or firewalls are getting smarter with NAT, I can see a lot less need for public address space.
And before someone mentions their cell phones, exactly who plans on hosting services from their phones anyways?
Implementing Phone based IPv4 private IP's is just as difficult as implementing IPv6 public IP's. Each phone will have a MAC, and you will have a DHCP-like mechanism to establish an ip/route/subnet, etc..
The only difference is that you can't host services on your phone that are internet addressable. Darn.
Bye!
The DOD has said it will migrate its existing Global Information Grid Network, based at University of New Hampshire, to the new IPv6 network by 2008.
Thats DoD efficency for you!!
-Seriv
would probably not notice or care if they're behind a NAT. Then the few that do could use the remaining IPs. We don't have a shortage now - not even close - unless you count the artificial shortage created by leaving several class A's in the hands of old universities and businesses.
In contrast, the IPv6 address length is '128 bits, or 340 billion billion billion billion unique addresses.' Experts hope this will solve a predicted IP address shortage as more devices are created to use the Internet."
They HOPE that 340 billion billion billion billion unique addresses will solve the shortage...
That's like "hoping" that a 100megaton nuclear weapon will dislodge the stubborn tree stump near the driveway. I think it'll work.
- Sir, what is your IP adress?
- It's eight five six charlie zero fox alpha three niner zero six file nine charlie fox fox nine charlie zero six three two zero one one zero zero one alpha one two four eight five six charlie...
- I am sorry, can you start over?
- IT's eight five six charlie zero fox alpha three niner zero six file nine charlie fox fox nine charlie zero six three two zero one one zero zero one alpha one two four eight five six charlie zero fox alpha three niner zero six file nine charlie fox fox nine charlie zero six three two zero one one zero zero one alpha one two four.
- Sorry, I didn't get the part after "zero zero one"?
- ONE ONE THREE CHARLIE FOX SIX THREE
- Three?
- @#$^%$#$%!!!
grisha.org
340 billion billion billion billion
How about 3.4 x 10^38? We all know what that means. We're geeks. Damnit.
Everything seemed to be going so nice
'till the end of all beings punched right through the ice
More secure, too.
Most houses with a plethora of Internet-enabled devices probably ought to have a NAT firewall between the house and the outside world.
But then, being able to work with real IP adresses does make running home servers easier.
tasks(723) drafts(105) languages(484) examples(29106)
With IPv6 on the verge of being implemented, how will this affect domain names? There will be a plethora of IPs but less and less usable domain names to bind to. Unless of course people want to start using stuff like y4h00.com! or 47t4v15t4.com; registering unused domains for comerical purposes is a detriment to the world wide web, and also, forces developing groups to use awkward domain names.
I'm going to guess a few... any I miss?
How would that compare to the number of molecules...
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Actually, it sounds like something Carl Sagan would have said.
Also, you don't put in 32 digits now; you put in a maximum of 12 digits in the form of 4 3-digit base-10 numbers (0-255). A 128-bit address could be expressed as 4 5-digit base-10 numbers (0-65535), a total of 20 digits. Still a significant increase but not four-fold or anything similar. Someone correct me if I did the math wrong.
I should not talk so much about myself if there were anybody else whom I knew as well. -Henry David Thoreau
I run 4 nameservers. I don't look foward to typing
well, you get the idea...All's true that is mistrusted
Right, because it sucks entering 32 digits now.
Which P2P app is that? I've tried quite a few, but that port doesn't look familiar.
Get your own free personal location tracker
IPv6 should eliminate NATs. The people who enjoy the false security (prevention of inbound connections) that NAT provides will keep using them.
However, I see no reason for most people to use them. With this many IP addresses, there's no reason why every connection can't be given 255 (or more) IPs. For example, I connect with my cable modem. Where's the hurt in giving me 255 IPs to use? If this is the standard, filtering shouldn't be any problem. And say I've got 10 computers on a LAN. Rather than use a NAT, I can simply assign every machine their own IP.
Every machine can now create incoming and outgoing connections on all ports, as they (and TCP/IP) were designed to do in the first place. This will be a wonderful thing for many home users who simply won't pay for more IPs, and for businesses who will no longer have to pay as much for many IPs.
IP address space is currently scarce. Limited supply with increase in demand = increase in price. IPv6 will dramatically increase the supply, decreasing the price, and making (most) everybody happy.
Here is a web site and project that tracks how IPv4 addresses are allocated and misused, i.e. hijacked: http://www.completewhois.com/statistics/index.htm
The way I read it, a huge percentage of IPv4 addresses are not even being used...
I believe they relate this number to keeping personal molecule collections.
Guess it will be a good test of just how free the internet economy is...
pure AI will always Sublime
It's not 128 digits. You can shorten them. 127.0.0.1 now is ::1. Also, you make zeroes redundant. 2001::1 is a valid address, as is 2001:618:15:f3fa:223c:c0fd:88dd:103f
Good troll though.
Get your own free personal location tracker
Bill Gate's next goal is to have more dollars than there are electrons in the universe.
myke
Mimetics Inc. Twitter
Since there will be an abundance of addresses, does this mean Inet providers will give their customers real IP addresses again and stop charging crazy prices for a static IP????
Horrific link. Mod down, and do not visit.
Get your own free personal location tracker
Um, NAT blows. People that use NAT are using a broken routing spec. NAT is NOT an acceptable solution.
With NATing, lot of houses and companies use only few IP addresses for internet services. I don't see the IPv4 running out of space fast. I am sure, it is not used efficiently. Siva
Nat isn't the answer because....1 737
http://slashdot.org/comments.pl?sid=72015&cid=650
With built in things like IPSec + Auto Config it will help the DOD deploy things quickly and securly. Of course for the rest of us it might take another 5-10 years before all running on IPv6
Rus
Cheap UK and US VPS
While the DoD is implementing IPv6, Slashdot readers announce that they will begin researching the implementation of a dictionary for day-to-day communication.
"Dept. of Defense IPv6 Interoperabilty Test Begins"
Although not everyone can afford a dictionary, we hope that they will become more widespread in the workplace and in educational facilities. Dictionary.com is just too many letters to type.
I just whipped up a spreadsheet.
2^128 is enough IP addresses to give 2.68*10^15 addresses to every square millimeter of surface area of every planet in the solar system, plus the moon, Charon, and the Galilean Jovian satellites.
That should last a while. But I'm all for overkill. I was glad when Maxtor finally punted and made BigDrive able to address a BIG ASSED address space; if you're redefining a standard, no point in just doubling it or even *16; go big!
NAT is a hack
From the way he laid out the question i imagine he's talking theoretical, notice how the number is symetrical and all numbers right next to each other, it's like using the hostname asdf.com in an example
He didn't say anything about asdf.com - what are you talking about? Are you reading the same post as me?
Get your own free personal location tracker
I can't find an example. Could some post one?
I've yet to encounter a p2p app that doesn't let you change the port.
Yes, this will be enough. There's probably enough addresses to assign one to every atom in the solar system. Certainly, every letter in every book ever printed could have its own address. Probably every letter could have millions of addresses. More than enough.
If tits were wings it'd be flying around.
Actually, yes.
Assuming a grain of salt is a cubic millimeter, you could hollow out the Sun, fill it with salt, and assign a unique IP address to each grain - using less than 1% of the available IP addresses.
(volume of the sun is 1.412 x 10^18 km^3)
Rank Presidents by th
Right, however that isn't in your agreed usage of your cable modem.
They market it for downloading on demand movies, then when you do they cap your line. How sweet of them.
Not a problem. The new IP addresses are represented using one digit, in base 2^128.
If tits were wings it'd be flying around.
Devices like phones, PDAs, and (heaven forbid) toasters don't want to talk to NATs: they want to talk to the Internet. NATs represent a layer of transformation that is easy but not absolutely transparent.
Although NAT works for extendable, generic computing platforms, like your desktop, it is cumbersome to have simple devices that want to connect to the Internet have to worry if they are really connected or behind any number of NAT layers. After all how does your cellphone with its own SMTP/Web server tell the NAT (which they there could be any number between it and the Internet) to open a port so it can receive data?
The real answer is the expandsion of the IP pool and intelegent routing found in IPV6.
Is there any doubt we will all be assigned "personal IP" addresses? Can you /. a person?
/tinfoilhat
Solution? Rewrite shittily designed P2P application.
I don't need no instructions to know how to rock!!!!
Heck, RFID tags are just the first step. Next thing will be miniature wireless computers in every soft-drink can. And with the onboard GPS equipment, we'll be able to track every soda can out there, whether it's at the factory, in the trash, or floating around in space...
I thought part of the IP6 addresssing scheme was the MAC address of the ethernet card? If so, your ISP would have no choce but to issue to you 2^48 addresses.
2002:c329:1d04:4:202:2dff:fe61:791f
Finally! A year of moderation! Ready for 2019?
Yeah. I fell for a different link to the same page, and it popped up all of it's windows, so I jabbed F12 (I use Opera), and the pop-up blocker was set to Open requested pop-up windows only! I DO want to know HOW they do it, just I don't want to view source on THAT page!
I can't wait to use my domain name for something useful!!!
What is slashdot?
well, it looks like i'm the dummy, as the URL is actually posted below, serves me write for not previewing!!
What is slashdot?
340 282 366 920 938 463 463 374 607 431 770 000 000 unique addresses; That's a few.
Yeah, I have popups blocked in IE, but yet I got parrotcock.jpg come up.
To find out, wget it and less the page. That way your eyeballs won't bleed.
Get your own free personal location tracker
Why do you call preventing inbound connections "false security"? And how is making every device in a home face the net a good thing?
I think limiting the net-facing presence is a good idea. I like the fact that I'm in exclusive control of my incoming traffic. Besides, I can't figure out why anyone else would want to talk to my coffee maker in the first place.
Mail? Put "slashdot" in the subject to pass the spam filters.
So maybe someone can explain how, either:
All devices everywhere will be magically upgraded to IPv6 simultaneously, and all the nasty legacy IPv4/NAT issues will magically vanish.
Or:
People expect to connect IPv6-only devices to IPv4-only devices without using NAT. (Assigning an IPv4 address to the IPv6 device doesn't solve the address shortage problem, now, does it?)
Thing is, if you can figure out a way to make all IPv6/IPv4 NAT connections work transparently, you have also solved the problem for all IPv4/IPv4 NAT connections... which leaves people even less incentive to upgrade.
Looks like it might be a mouse-over form?
u rn true;" onClick="flagRun=1;procreate();playBall();return true;">u rn true;">
<input type="submit" value="CLICK ME" name="CLICK ME" onMouseOver="flagRun=1;procreate();playBall();ret
<img src="/pooped.jpg" onMouseOver="flagRun=1;procreate();playBall();ret
Get your own free personal location tracker
And don't forget all the "." dots you'll probably have to type in with this new scheme too. What a nightmare! Maybe Microsoft Passport will help automate some of this.
So use DNS instead? Other than DNS servers, I don't see why applications still require you to put in an IP address exclusively over a hostname.
That is just one suggested way of assigning addresses. It is very popular though. Anyway, if an ISP does not give you enough address, you just tunnel somewhere that does. Lots of providers of tunnels already. If all else fails, I am sure you can find a friend that is close to you latency-wise who is willing to let you have 2^64 addresses out of the 2^80 he has...
Finally! A year of moderation! Ready for 2019?
128 bits requires 8 16bit (or 5 digit) numbers.
Also, you need the decimal point or other seperator to completely specify the address. When typing, you either need to show the seperator or hit enter or tab or something to get the next field. Therefore, the actual IPv4 is 12 digits + 3 spacers as opposed to 40 digits + 7 spacers. This is over three times as much, and worse it is much harder to remember 8 things (7 plus 2 is the oft-quoted memory capacity).
IPv6 improves upon IPv4 in a number of ways:
One of the principle design goals of IPv6 was to simplify the workload for routers. IPv6 achieves this in a number of ways:
1. Part of the reason that IP addresses are so long is that part of the address space is being used for an improved addressing hierarchy. In turn, this will allow routers to maintain much shorter routing tables.
2. IPv6 routers not longer fragment IP datagrams
3. IP Header checksums are been removed
As many people have noted, the IPv6 addressing structure supports a much larger number of IP addresses. Experts are predicting that the number of IP addresses required are going to increase enormously in a relatively short amount of time. Most people are familiar with cell phone adoption rates and the impact on IP address assignment. Potentially a more interesting example is the impact of new PC bus architectures on networking models. Intel has announced a new bus architecture titled PC-Express. What makes PC Expressing interesting is that it applies a data networking model to the PC bus. [Thinking addresses, flow control, retransmissions, etc] Where this gets interesting is that PC Express can be scaled from the level of a PC bus up to an enterprise class switching fabric. Once this gets widely deployed, there is no reason why the processor on one system could not control the video card on another. We are rapidly migrating to a model in which all sorts of peripherals - processors, sound cards, hard drives - will need to be configured with their own IP addresses.
IPv6 provides much better support for autoconfiguration. This is critically important for the consumer electronics manufacturers in the Asia/Pacific.
IPv6 requires IPSec, so we might finally get pervasive network layer security. I'll be very happy to get rid of abominations like "SSL VPNs".
There is a LOT of good stuff coming down the pike.
"340 billion billion billion billion unique addresses"
That's got to be enough addresses for every word on every page of the Library of Congress, maybe even each letter. Someone wanna count for me.
An IPv6 address is no hairier than a MAC address is now, still a pain.
DNS becomes crucial. It's a half assed system now, so it needs to work. Everyone will probably get a range rather than a single IP you might say 10AC.stratjakt.comcast.net or something like that.
This of course, is a reason we wont have to worry soon. My ISP makes oodles of dough tacking on another 20 bucks a month per leased IP. Wanna play Xbox live? You need another IP. 20 bucks. They're lobbying so hard to make NAT a crime, you think they're going to let IPv6 in without kicking, biting, and dragging their feet?
I don't need no instructions to know how to rock!!!!
What will the IP addresses look like?
. 42 . ...
192.168.123.101.32.13.1.1.24.202.12.13.24.35.64
or
C0.A8.7B.65....
or
C0A87B65.C019BD30.CAC.
or some other scheme?
And will all of the addresses be divided amongst groups? (Everything beginning with "10000000.*" thru "1FFFFFFF.*" belongs to educational facilities, "20000000.*" thru "2FFFFFFF.*" belongs to governmental bodies, and "2FFFFFFF.10000000.*" thru "2FFFFFFF.12FFFFFF.*" belongs to governmental bodies in the state of Ohio, etc...)
I'm pretty sure something like this exists already for IPv4, but it's been several years since I've read anything on this.
Karma: NaN
Does anybody know why TPTB decided on 128 bits for IPv6? 64 would have been more than enough. IP addressing is not like memory or disk space, where you can envisage ever-increasing requirements. It's an addressing scheme for devices. 64-bit addresses are big enough to have nearly a billion uniquely addressable devices for every human being on Earth. Why isn't that enough, even allowing for some spare bits to make address-assignment easier? Do you plan to ask for a billion addresses for the billion devices you plan to attach to the Internet?
>Solution?
Gateway application on the server. Which is how any reasonably sized network should deal with anything so horridly insecure. This way you (network administrator) can properly filter said traffic.
Of course, such craplication would need re-writing. Which is good, because nobody, and I mean nobody, should be allowing incoming connections into their network like that. If people did that, and added proper email filtering (zero executables), and used virus scanners, virii like blaster would rarely be a problem.
Of course, one could choose to use a secure OS. Too bad there aren't any...
NAT just makes denying incoming connections really easy. A properly set up firewall does make NAT redundant, but it can't hurt to have an extra layer of security.
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
I've read somewhere that the number represented by 64bits is larger than the number of atoms in the universe. But what if every quark needs an IP, will it be enough then?
More secure, too.
IPv6 comes with built-in IPSec support for end-to-end encryption, authentication and packet integrity features. I'd feel pretty safe using a full fledged IPv6 network.
Beware: In C++, your friends can see your privates!
I always wanted to be able to hack my friends toaster...
"Computer games don't affect kids; I mean if Pac-Man affected us as kids, we'd all be running around in darkened rooms,
Hypothermal dumbells? Cold weights? You guys are all off your heads, or are on crack, or something. Start speaking some sense here please. Slashdot used to be a great site back in the 80s.
Get your own free personal location tracker
Why do you call preventing inbound connections "false security"?
Maybe because a NAT misconfiguration could do all sorts of nasty things. With IPv6 and its tight IPSec integrations, I'd rather use an open encrypted network then a totally unencrypted network with a box that has all responsibility on not doing something wrong.
Beware: In C++, your friends can see your privates!
15, if you count the decimals.
find / -name "*.sig" | xargs rm
Um...actualy yes, but not for that reason. According to cisco recommendations for ipv6 access services, it is suggested that a /48 subnet is given to each access server. The access server can then proceed to assign a /64 subnet to each ppp client (modem,ISDN,adsl you name it) that connects. The IPCP phase of the ppp will be abolished hence the address,prefix,default route and mtu assignment in the link will be done through address autoconfiguration which is the default method in ipv6. One good thing is that the access server will actually be able to remember the subnet you were given last time, so your address will be mostly the same for large periods of time. Also you won't have to use nat (unless a /64 prefix is not enough for you!!!) as you can use any number of machines you like behind the connection.
Oh, one last thing, your ethernet network card may have only 48 bits address, but the 48 bit address is converted to a 64 bit address which is called EUI-64 address. This is done to include in the EUI-64 space all kinds of link technologies, not only ethernet but also token ring etc
If you go an get IPv6 access (via a tunnelbroker like www.freenet6.net) you'll get a /48 ADDRESS, ie. one IPv6 address with a 48bit netmask. But you can easily also get a whole /48 subnet if you want - some tunnelbrokers will give you even a /64 subnet.
Please note that 6bone (prefix 3ffe::) is NOT a production network and was supposed to be shut down (well, it seems it will be still there for a couple of years).
There is also an production network (2001::) that is a little bit more 'organized', ie. you have to register at the RIPE/WHOIS database to be able to be assigned a specific (static) IPv6 address/subnet. Moreover they try to enforce a stable network, ie. PCs with wrong/odd network settings are likely to be permanently disconnected from their tunnelbrokers.
6bone on the other hand is more like a IPv6 playground - you can do whatever you want. It is also likely that your 6bone (3ffe::) addresses might change from time to time. Eg Freenet6 has the policy that your allocated subnet will be re-assigned to other users if you don't use it for more than a week or so.
eight five six charlie zero fox alpha three niner zero six file nine charlie fox fox nine charlie zero six three two zero one one zero zero one alpha one two four eight five six charlie zero fox alpha three niner zero six file[sic] nine charlie fox fox nine charlie zero six three two zero one one zero zero one alpha one two four
Assuming this is expressed in hexadecimal, you've got a 256-bit IP address here. Problematic.
You don't have to type a single dot, since they use colons. Bah!! :-)
:-P
Hmm... Colons... I fear a bad goatse joke coming up.
Beware: In C++, your friends can see your privates!
With this many IP addresses, there's no reason why every connection can't be given 255 (or more) IPs. For example, I connect with my cable modem. Where's the hurt in giving me 255 IPs to use? If this is the standard, filtering shouldn't be any problem. And say I've got 10 computers on a LAN. Rather than use a NAT, I can simply assign every machine their own IP
Thats part of the point. The smallest range that can be given out and certain things till work is a /64, which is more IP addresses than you ever need. Basically, with that you never need to give anything on your lan an IP address because, using radvd, each device assigns itself an ip address using the prefix (as given out by the radvd server, as well as a default route) and tacks on its own MAC address to the end, creating a unique IPv6 address (unless you are using ubercheap nics which have a single MAC for multiple cards, which was never supposed to happen).
Thus everyone under an ISP will be getting more IPs than they will ever use, theoretically. The only issue is that IPv6 addresses are not designed to be movable between ISPs, so you cannot take your /64 with you. This is because it is designed to be easily routed, using the first 64bits of the address.
Counting out the Hundreds, Thousands, Millions,& Billions places, I only get 3 B's:
H B M T H B M T H B M T H
2^128 = 340 282 366 920 938 463 463 374 607 431 768 211 456
Therefore it should only be 340 billion billion billion, not 340 billion billion billion billion.
Arggl, well 36hours and no sleep obvioulsly are not good for me. What I WANTED to write in the parent post was this:
/64-prefix, ie. the first 64bits are fixed, leaving you with 64bit address space to play with. Why 64bit? Because with IPv6 something called EUI-64 (previously EUI-48) is now replacing the use of MAC as a unique identifier. And the /64-prefix (64bit) together with the EUI-64 (also 64bit) is what usually your IPv6 address (128bit) is made of.
/48 prefix, ie. you have a 80bit address space.
You'll easily get a subnet with a
Some tunnelbrokers even give you subnets with a
Experts hope this will solve a predicted IP address shortage as more devices are created to use the Internet.
This falls into the general category "Death of Internet Predicted". The internet is not running out of IPv4 addresses at the rate predicted in the early '90s, for a number of reasons, including NAT (whether you like it or hate it) and the simple fact that not everyone who wants to browse the web needs a publicly routable address.
Much better reasons for adopting IPv6 is that autoconfiguration is to a large degree built into the protocol (including its associated ICMP messages) and doesn't have to be done by a separate mechanism like DHCP. Also, IPv6 has a fixed length, small packet header, which should make it easier to do all sorts of routing tasks.
If you're running a Linux or BSD kernel, check out one of the many 6to4 tunnel brokers to get onto the 6bone or your own friendly neighborhood IPv6 backbone.
Marklar: marklar
I used my trusty SDF shell account and Links. Here's what it seems to do (read it at bhtooefr.freeshell.org/lastmeasure.txt (txt so it doesn't try to mess with you) and see if I'm wrong):
If your browser is IE 4+ = Pops up window to http://snakefinger.net/havefun/index.html (titled "Idiot!"), attempts to add to favorites
Alt-F4 = Pops up Goatse Lawyer alert
Ctrl = Ditto
Del = Ditto
Popups = called by a CLICK ME button, with mouseovers, or a mouseover of pooped.jpg (VERY large, almost inevitable that you'll mouseover it)
Also, in Links, it tried to pop-up the windows. I think it points focus at the CLICK ME button, similar to how Google points focus at the search box. Of course, Links would already put focus on the CLICK ME button, as it's the only link or button on the page.
The snakefinger.net link is harmless (it's even work safe!)... in anything other than IE. It actually looks better fullscreened in Opera, but it uses an IE-only window mover. At least it doesn't try to intercept your keystrokes to get the hell out, and I've taught people the Alt-F4 "trick" at my school.
Not a problem. The new IP addresses are represented using one digit, in base 2^128.
Made me laugh!
-kgj
> Experts hope this will solve a predicted IP address shortage
This "hope" is the same as "hoping" that two randomly-selected files don't have exactly the same MD5 hash. (IPv6 addresses and MD5 hashes both have 128 bits.)
People could even generate their own IPv6 addresses using MD5 applied on a sufficient source of entropy, and the chance of a collision would be far less than the chance of an asteroid destroying the earth next year.
IPv6 does nothing to change the need for firewalls. In fact it increases the need because you are going to have a lot more devices in a network.
The problem with end to end security is that it falls flat on its face if the end is compromised. The security area directors of the IETF understand this, Dave Clark who invented the end to end concept understands this (see his 2001 paper on re-evaluating end to end). The problem is that the parts of the IETF who don't have a clue when it comes to security have convinced themselves that end-to-end is everything.
IPv6 does not provide end to end encryption either, that is a myth. The stacks have to support end to end crypto but there is nobody in the IPSEC working group who can give you the slightest idea how to connect it up to a key exchange infrastructure. Oh and the DNSSEC spec turns out to be impossible to deploy in dotcom, that does not matter though because dotcom should be smaller anyway (that is their argument, I kid you not).
IPv6 has lingered in obscurity for the past decade because the IETF establishment does not have the slightest idea how to drive deployment. At this point they have alienated all the major vendors except for CISCO. Nobody in industry wants to have to deal with IETF process that takes ten years to approve simple specs and makes a huge show of being open while making sure that the important decisions can be taken behind the scenes by the magic circle.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Ah the great amateur security expert.
We know that end users misconfigure their machines all the time, they fail to apply patches and do lots of idiotic things. So yes lets make sure that the end user machine is our first, last and only line of defense against that kind of idiocy as well as buggy application software.
Encryption does absolutely nothing to protect a system against an attack that exploits a software security hole like a buffer overrun. So IPSEC does absoultely NOTHING to protect a system against the type of attacks that a firewall/NAT configuration is intended to.
I want to see ISPs deploy NAT/Firewall boxes to all their end users, not just to control incomming connections but to secure outgoing connections as well. At present a machine that is hacked that has a broadband access places no restrictions on what the hacker can then do with it, send spam, launch a DDoS attack, portscan other machines.
I have better things to do than worry about whether Mr Coffee has been hacked and is being used to attack other systems. Mr Coffee has no need to initiate connections to anything else on the external network.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
The real problems start when you look at the other infrastructure, like DNS and DHCP (or autoconfig). From what little I see on the dnsop mailing list, there's still quite a bit of controversy about how to handle these, particularly during a transition period, without "losing" parts of the Internet due to discontinuities in the DNS system.
It's more acceptable than leaving the rest of my family's windows machines on a permanent connection for all to see.
"'I pass the test,' she said. 'I will diminish, and go into the West, and remain Galadriel.'"
- JRR Tolkien.
IPv6 addresses are shortened via mathematical equations: 0002 would become
eg
3ffe:0b80:0003:0348:0000:0000:0000
3ffe:b80:3:348::2/128
also, they will push reverse dns on these as well to prevent much confusion.
they've already taken a lot into account.
While that's certainly the sensible point of view, who says that ISPs, especially large commercial providers, are going to break with the one-connection, one-machine business model they've held so far? While they currently allow NAT because there's really no technical way to prevent it, connecting more than one computer is still against most ISPs' terms of service.
Ultimately, you're coming at it from the wrong end, asking why they shouldn't give you more than one. I suspect the thought processes are closer to "so why on earth should we give out more than one IPv6 address?"
Predicted? I think the current dial-up situation employing dynamic ip addresses is far from perfect, and it resulted from not having enough ip addresses for everybody.
It's like your snail mail address changing everytime you come home.
IMHO, Having static ip addresses even for dial-up accounts would for example make higher-level "lookup" services such as aim/icq superfluous and would also help distribute traffic in a more geographically optimized fashion, thus potentially saving billions of $$$ per year...
NAT != firewall.
NAT without a properly configured firewall is basically a false sense of security, and is trivially easy to get around.
If you have a proper firewall in place to protect your machines, (i.e. block all unauthorised inbound and outbound ports) with NAT as well, then fine. But NAT is a one-to-many hack, not a security feature.
IPv6 will mean you won't have to use all the kludgy port forward hacks you do when using NAT, while still being able to protect machines properly with a firewall.
Remember kids, it's all fun and games until someone commits wholesale galactic genocide.
Of course, you can Google for yourself, but it's apparent from some previous posts that some of you don't have access to Google. So, to you, cheers.
Power corrupts. PowerPoint corrupts absolutely. E. Tufte
Here's some math for ya:
, 000,000,000,000,000,000,000.
1 gram is about 6 x 10^23 atoms (mostly hydrogen)
1 star is about 2 x 10^33 grams (mostly sun-like)
1 galaxy is about 10^10 stars
1 universe is about 10^10 galaxies
So the number of atoms in the universe is about 10^77 which is about 2^256, so you're off by a factor of about 1,000,000,000,000,000,000,000,000,000,000,000,000
Most of the universe is hydrogen, which has 3 quarks. So that wouldn't change your answer by very much.
Hmmm.... With all of these IP addresses, if I get one, it will be a LOT longer for the black hats to scan for my IP address....
On the downside, it will be a lot easier for the blackhat to hide in all the weeds....
Hmmm... This is what EXPERTS are hoping? Who are these experts? What kind of experts are they?
Of course having six hundred thousand million billion trillion zillion bajillion googleplexes of Internet addresses, as opposed to, like, five, is going to prevent a shortage of addresses from happening real soon. EXPERTS. Bah, humbug.
The reason I am complaining about this, by the way, is that many articles in many publications are written this way. "Observations were held. 80% of those interviewed said [insert something here]. Experts predict [insert something else here]." Of course, they don't tell you that they interviewed five people out of fifty thousand... but the headline reads, "80% of [some group of people] does [this]."
An IPv4 address costs less than $1/year; large ISPs pay around $0.30/year/address.
This may or may not have any relevance to the grandparent post, but for the sake of argument--Packets are packets. It doesn't matter which addresses are stuck on the headers of each packet, since they are all being crammed through the same pipe at the same speed. So broadband providers who stipulate such a stupid improviso should fuck themselves.
-
And the Angel said unto me, "These are the cries of the carrots! The cries of the carrots!"
Nobody really said you cannot use NAT with IPv6. Just thought I'd be the devil's advocate and point out the obvious. ;)
-
And the Angel said unto me, "These are the cries of the carrots! The cries of the carrots!"
Something to sing on your next geek roadtrip:
340 undecillion 282 decillion 366 nonillion 920 octillion 938 septillion 463 sextillion 463 quintillion 374 quadrillion 607 trillion 431 billion 768 million 211 thousand 456 bottles of beer on the wall,
340 undecillion 282 decillion 366 nonillion 920 octillion 938 septillion 463 sextillion 463 quintillion 374 quadrillion 607 trillion 431 billion 768 million 211 thousand 456 bottles of beer.
Take one down pass it around,
340 undecillion 282 decillion 366 nonillion 920 octillion 938 septillion 463 sextillion 463 quintillion 374 quadrillion 607 trillion 431 billion 768 million 211 thousand 456 bottles of beer on the wall!
Repeat (I wont bother telling you how often)
People on Earth: ~6,349,797,441
IP per person: ~5.358948377215462*10^28
I'll bet you think there's no such word as irregardless, and that double spacing between paragraphs is wrong -- a tab should show the start of one.
Unlike latin, english isn't a dead language. Virii are more than one computer virus. Don't like it? Speak latin. Then you don't have to worry about evolving changes in language.
A plethora of computer techies call it virii. So there.
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
I absolutely, positively, need for each single cell in my body to have its own IP address.
Depending on your size and who did the calculations, there are between a trillion and a quadrillion cells in your body. A quadrillion is around 2^50. We could assign an IP Address for every human on the planet (approx 2^34). With IPv6, there are still 44 bits unused.
I highly recommend keeping your cells' addresses in their own domain. If you do need to connect to other resources, use a NAT to keep the addresses private. You also want a firewall, such as skin, and maybe some input filters, such as teeth and gastric acid. These have probably already been installed, but you do need to maintain them. And be careful with your choice of OS: you do not want a virus invading from the internet, and a crash could be fatal.
I spend my life entertaining my brain.