A glitch in the Matrix, or a hungry exploit? Sûnnet Beskerming researchers observed an interesting deviation in global network traffic over the last 24 hours, particularly for South American, Asian, and Australian networks. Normally, global Internet traffic (as observed by the Internet Traffic Report) oscillates around nine per cent packet loss, with global response times …
I make a considerable effort to stay current with security issues but haven't the time to do much more than play defense. ActiveX has a bad reputation and has been a thorn in the side of security for a long time. IIRC initially MS pimped ActiveX as if it was as sexy as a Paris Hilton clone. Now, on the rare occasions I fire up IE, there's generally a warning inviting me to allow AcitveX stuff at my own peril. If ActiveX is to blame and enough people get burnt then maybe it'll turn another big batch of people to Firefox. There's something happening here; what it is ain't exactly clear. There's a man with a GNU over there telling me I've got to beware. :)
Yeah, here is goes again. Another news article that goes on about something trouble the internet. I wonder how long before the Symantec FUD crew comes rolling out alerting everyone to a major security problem with the internet? I figure at least 3 weeks after everyone else does. 3 weeks after that, CERT be releasing their alert as well.
Frankly, anyone running ActiveX deserved what they get. A security fix is not patching something to ask a user (who has no idea of the implications) to decide if its safe to run on their box. Hell, 90% of people won't open e-mails that aren't from someone they know these days because of that.
Come on people, we hear all the time about this kind of thing, and nothing becomes of it. The internet isn't run by a bunch of retards, it just got a large population of them inhabiting it, and they just happen to be more vocal.
I highly doubt the NSA has gotten a packet sniffer of that caliber online. It'd take one hell of a cluster to sniff that kind of data and with all the wrist slapping going on with their wiretapping lately, I imagine they're just doing business as usual, waiting for the right time to slip a bill in to take away some more freedom from the people.
Dan Finch
Gods of NOS
www.nerdnos.net
If I saw an anomoly in one group of one type of sensor, but not in another group of the same type or of any other type of sensor, then I'd be checking the sensors, before checking the target.
The alleged mining of the Internet by the NSA is reminiscent of the passive acoustic array and its parent, the passive acoustic barrier strategy, of the US Navy circa 1968-ish. Good times - then and now.
are inherently passive. This means that the flow of traffic is not disturbed by the tap and the only problem that could arise is dropped packets in the interceptor hardware. The same should be true for cisco wiretap modules in most internet routers.
However, since there are dropped packets, one could trace the point where the packets are dropped and inspect the router in question if it is either hacked, under 100 percent load or carrying malicious packets.
In many cases, the problem turn out to be a bad router configuration where one link gets less than 100 percent load while others get more than they could carry.
Hmm, when you drill down into response time/packet loss across Europe, apparently Belgium, Denmark, Romania and Switzerland all have 100% packet loss. Perhaps a contributing factor to the packet loss average? However, since google.be still comes up, I'd have to assume that data is not correct...
Normalcy
...as used in this article. Clearly an americanis(Z)ation of a word intended to reduce the amount of thought required during language use.
There is an alternative to this word that happens also to be in the Oxford English dictionary, because it actually exists -
http://www.askoxford.com/concise_oed/normal?view=uk
NORMALITY
God, writing is all you people do!!
Sorry to rant and all, but this really gets on my nerves being a UK website.
Couldn't the editors have Anglicised it?
Isn't that caused by all the Windoze machines and misconfigured routers lauching reverse DNS resolutions on private IP address range across open Internet, that IANA blackhole servers are supposed to drop? I've seen somewhere that this traffic causes significant spikes exactly at the same time, like exactly midnight (GMT or local, I don't remember).
Please correct me, if that isn't the actual reason for IANA blackhole servers, dropping some traffic that was not supposed to be there, regarding reverse DNS queries, and if that couldn't be related to global alteration on latencies.
The company mentioned makes corporate automation hardware with powerful computing engines which run a dedicated OS with god knows what in them.
http://www.amx.com/products/categoryNetLinxControllers.asp
They obviously all linked up and became self aware.
In fact this a important fact for the ROTM guru's i feel.
:)
I think the poster who fingered the blackhole servers might be right on the money. I can't believe no one has covered this story yet. APEWS (www.apews.org) is one of those blacklists. Until very recently, APEWS was a private list that only invited email admins could use for their spam filters.
Within the last month, APEWS opened its list to any and all email admins. I believe this change has caused a huge problem for Internet email traffic. Specifically, APEWS have blacklisted entire segments of the Internet. The Class B address block for my home Internet connection (TimeWarner) is on the APEWS blacklist, as (apparently) are other large address blocks.
What is really interesting about the story is why APEWS is blacklisting entire address blocks. APEWS has a political agenda, and they are using the blacklist to further that political agenda. Specifically, they are trying to force users like me to switch ISPs or complain to their ISPs to put pressure on those ISPs to do a better job blocking spam that emanates from their networks. A laudable goal, to be sure, but their tactics strike me as unethical and potentially illegal- and they certainly represent a breach of trust of the blacklist system.
I would like to see a journalist find out who the original nine members of the APEWS organization are, what companies they work for, and whether the executives at those companies have any knowledge of the actions of their employees.
The APEWS domain was registered in Brazil, has its DNS servers in Germany, and is hosted in Canada. All public information, and maybe somewhere to start the investigation.
Cheers!
I'm the poster on the first comment about IANA.ORG blackhole servers, and I guess you didn't understand me.
IANA Blackhole servers are actually good for the health of Web traffic. They drop reverse DNS queries that shouldn't exist on open Web, only on local networks, on non-routable IP ranges like 192.168.xxx.xxx. Without them, this traffic would keep repeating itself in search of a reply, when nobody will answer. It is like shouting "Hello" on the mountains, the echo will fill the place with noise. Without this IANA servers, chaos would ensue. Following the analogy, IANA blackhole servers would shout back "Shut the f*** up, nobody will answer you!", so the DNS queries stop. I heard Windows machines do that once every 24 hrs.
BlackLIST servers are entirely a different thing, they are blocking spam traffic, or listing spammers IP's, (so you said), and I can't foresee how would their absence would affect global latency. Only stupid spammers use their local ISP IP as the originating point, anyway.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
