Re: Researchers ping through first full 'Internet census' in 25 years
On Fri, October 12, 2007 10:08 pm, Mark Foster wrote: Its all very well for those that know better to carry on like this, but I would suggest that those sortsa complaints only come from people who don't know better. They don't know how to interpret their Firewall warnings. And they don't know whats genuine and whats not. You're right, they don't. My complaint is with those who *think* they do. Suggest that rather than knocking those who genuinely think that its a warzone out there (and isn't it?) efforts of ISPs to educate clients as to what is genuine abuse (and what isn't) should be rewarded. Absolutely. I've always been happy to try and educate those who come with even the slightest inclination towards education. It's the ones who are convinced that either any error message from their firewall or OS is the Word of God, or that because they're skilled in some other field, any attempt to educate them about networking or computers is a direct attack on their mental prowess - they bug me. It seems that neither group is getting smaller :( Regards, Tim.
Re: Researchers ping through first full 'Internet census' in 25 years
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Roy [EMAIL PROTECTED] wrote: http://www.networkworld.com/community/node/20390?netht=101107dailynews2n ladname=101107dailynews Credit where credit is due: http://www.xkcd.com/195/ -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHDw5Lq1pz9mNUZTMRAsFvAJ9yF2eAO3RMX8g1Txv31nxmHCZTWgCghUfK NKHh3kxqyPA9Wuu5dkBUqpc= =roun -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Re: Researchers ping through first full 'Internet census' in 25 years
http://www.networkworld.com/community/node/20390?netht=101107dailynews2nladname=101107dailynews Credit where credit is due: http://www.xkcd.com/195/ i guess you did not read the article, eh? randy
Re: Researchers ping through first full 'Internet census' in 25 years
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Randy Bush [EMAIL PROTECTED] wrote: http://www.networkworld.com/community/node/20390?netht=101107dailynews2 nladname=101107dailynews Credit where credit is due: http://www.xkcd.com/195/ i guess you did not read the article, eh? Since you brought it up, of course I did: http://fergdawg.blogspot.com/2007/10/from-xkcd-to-reality-ant-censuses-of.h tml - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHDxQGq1pz9mNUZTMRAp9tAJ0XP/MtQtsNy5StUTDNgo2V7M5e+gCeOoCz ia9SPyl4Sw6vfmr+Zmerkg0= =VxBk -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Re: Researchers ping through first full 'Internet census' in 25 years
On Thu, 11 Oct 2007, Roy wrote: You will want: http://www.isi.edu/ant/address/index.html -Hank I guess no one told them that someone might consider this an attack? I have set up detectors where pinging consecutive honeypot ip addresses results in the source IP address being blacklisted for a day or two. Researchers ping through first full 'Internet census' in 25 years No door-to-door canvassing here: This census involved the direction of some 3 billion pings toward 2.8 billion allocated Internet addresses from three machines over the course of two months. http://www.networkworld.com/community/node/20390?netht=101107dailynews2nladname=101107dailynews or http://tinyurl.com/37fgua The press release is located at http://www.isi.edu/news/news.php?story=178
Re: Researchers ping through first full 'Internet census' in 25 years
ISI folks have been taking this census since at least mid 2003. We vizualized their data using our tool and then made a movie showing the changes from 2003 to late 2006. If you have 27 MB and a few minutes to spare you can download it from here: http://maps.measurement-factory.com/gallery/USC-LANDER-Census/ Duane W.
Re: Researchers ping through first full 'Internet census' in 25 years
27MB? I duno, that's quite a lot.. I'll have to delete some mp3s first.. Duane Wessels wrote: ISI folks have been taking this census since at least mid 2003. We vizualized their data using our tool and then made a movie showing the changes from 2003 to late 2006. If you have 27 MB and a few minutes to spare you can download it from here: http://maps.measurement-factory.com/gallery/USC-LANDER-Census/ Duane W.
Re: Researchers ping through first full 'Internet census' in 25 years
On Fri, 12 Oct 2007, Chris Owen wrote: You can't consider every wacko on the net when doing something like this. Anyone who considers a ping an attack probably isn't worth worrying about. I tend to agree, but back when I manned the abuse desk (among others) at my former employer, I would see abuse reports come in all the time that were basically a report from whatever security software someone was running on their PC, accompanied by a message that was usually something along the lines of this: HOST x.x.x.x ON YOUR NETWORK PINGED ME I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!! The knee-jerk reaction is rarely the right one :) jms
Re: Researchers ping through first full 'Internet census' in 25 years
On Fri, 12 Oct 2007, Leigh Porter wrote: You are more likely to get 5000 zonealarm emails Or a place on dshield's top 10. Justin M. Streiner wrote: On Fri, 12 Oct 2007, Chris Owen wrote: You can't consider every wacko on the net when doing something like this. Anyone who considers a ping an attack probably isn't worth worrying about. I tend to agree, but back when I manned the abuse desk (among others) at my former employer, I would see abuse reports come in all the time that were basically a report from whatever security software someone was running on their PC, accompanied by a message that was usually something along the lines of this: HOST x.x.x.x ON YOUR NETWORK PINGED ME I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!! The knee-jerk reaction is rarely the right one :) jms
Re: Researchers ping through first full 'Internet census' in 25 years
On Fri, October 12, 2007 2:49 pm, Justin M. Streiner wrote: HOST x.x.x.x ON YOUR NETWORK PINGED ME I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!! That I can *sort* of understand - it's the flaming zealotry of ALL ICMP IS EEEVIL! trickling down from 99% of firewall admins working in enterprises to end users who just heard it from someone in IT. It's the Your server www.whatever.com is attacking me from port 80! ones that leave me torn between laughing, crying, and seriously thinking about a cull...
Re: Researchers ping through first full 'Internet census' in 25 years
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Oct 12, 2007, at 12:50 AM, Roy wrote: I guess no one told them that someone might consider this an attack? You can't consider every wacko on the net when doing something like this. Anyone who considers a ping an attack probably isn't worth worrying about. Chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFHD3eTElUlCLUT2d0RAmyaAKCjU8XWlNEb7PWuWY+zz7nYc9LCBACgrp/r pPnxCKmRAwm1No9pMOGT3YI= =/0ak -END PGP SIGNATURE-
Re: Researchers ping through first full 'Internet census' in 25 years
On Fri, 12 Oct 2007, Leigh Porter wrote: You are more likely to get 5000 zonealarm emails Got tons of those... ...and BlackIce, DShield, Norton, SamSpade, and all the rest :) But there were also lots of people who took time out of their busy day to personally write their own flaming emails, rather than just relying on the boilerplate reports many of the packages above commonly send out. I felt honored :) jms Justin M. Streiner wrote: On Fri, 12 Oct 2007, Chris Owen wrote: You can't consider every wacko on the net when doing something like this. Anyone who considers a ping an attack probably isn't worth worrying about. I tend to agree, but back when I manned the abuse desk (among others) at my former employer, I would see abuse reports come in all the time that were basically a report from whatever security software someone was running on their PC, accompanied by a message that was usually something along the lines of this: HOST x.x.x.x ON YOUR NETWORK PINGED ME I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!! The knee-jerk reaction is rarely the right one :) jms
Re: Researchers ping through first full 'Internet census' in 25 years
You are more likely to get 5000 zonealarm emails Justin M. Streiner wrote: On Fri, 12 Oct 2007, Chris Owen wrote: You can't consider every wacko on the net when doing something like this. Anyone who considers a ping an attack probably isn't worth worrying about. I tend to agree, but back when I manned the abuse desk (among others) at my former employer, I would see abuse reports come in all the time that were basically a report from whatever security software someone was running on their PC, accompanied by a message that was usually something along the lines of this: HOST x.x.x.x ON YOUR NETWORK PINGED ME I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!! The knee-jerk reaction is rarely the right one :) jms
Re: Researchers ping through first full 'Internet census' in 25 years
Ok. To make my own contribution to this thread hijack somewhat operational... How many people have had to add to their NOC/Abuse desk SOP: When someone calls threatening that they are the FBI/CIA/NSA/Your grandmother returned from the dead... something, something, something but essentially, Don't Panic. And they are basically a crackpot. Deepak Gadi Evron wrote: On Fri, 12 Oct 2007, Leigh Porter wrote: You are more likely to get 5000 zonealarm emails Or a place on dshield's top 10. Justin M. Streiner wrote: On Fri, 12 Oct 2007, Chris Owen wrote: You can't consider every wacko on the net when doing something like this. Anyone who considers a ping an attack probably isn't worth worrying about. I tend to agree, but back when I manned the abuse desk (among others) at my former employer, I would see abuse reports come in all the time that were basically a report from whatever security software someone was running on their PC, accompanied by a message that was usually something along the lines of this: HOST x.x.x.x ON YOUR NETWORK PINGED ME I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!! The knee-jerk reaction is rarely the right one :) jms
Re: Researchers ping through first full 'Internet census' in 25 years
On Fri, 12 Oct 2007, Tim Franklin wrote: On Fri, October 12, 2007 2:49 pm, Justin M. Streiner wrote: HOST x.x.x.x ON YOUR NETWORK PINGED ME I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!! That I can *sort* of understand - it's the flaming zealotry of ALL ICMP IS EEEVIL! trickling down from 99% of firewall admins working in enterprises to end users who just heard it from someone in IT. It's the Your server www.whatever.com is attacking me from port 80! ones that leave me torn between laughing, crying, and seriously thinking about a cull... Its all very well for those that know better to carry on like this, but I would suggest that those sortsa complaints only come from people who don't know better. They don't know how to interpret their Firewall warnings. And they don't know whats genuine and whats not. Heck, I remember being a little like that myself, back in the days of Windows + Conseal PC Firewall being the best security solution affordably available to home users - and from being DoS'd offline at 14400... (And i've only been working in the industry for 10 years.) Suggest that rather than knocking those who genuinely think that its a warzone out there (and isn't it?) efforts of ISPs to educate clients as to what is genuine abuse (and what isn't) should be rewarded. (If some random dynamic IP host on the other side of the world started hitting my firewall for no apparent reason, i'd be raising my eyebrows too. Of course, these days, I have a much better idea of what is genuinely threatening and what isn't.) Mark. [Sorry, but sometimes I get the distinct impression that Network Operators sometimes forget that the vast majority of people simply aren't anywhere near their level.]
Re: Researchers ping through first full 'Internet census' in 25 years
On Oct 12, 2007, at 5:08 PM, Mark Foster wrote: (If some random dynamic IP host on the other side of the world started hitting my firewall for no apparent reason, i'd be raising my eyebrows too. Of course, these days, I have a much better idea of what is genuinely threatening and what isn't.) If there weren't a dynamic IP host on the other side of the world hitting my firewall I'd be calling my provider, 'cos I'd know my connection had gone down. Cheers, Steve
Re: Researchers ping through first full 'Internet census' in 25 years
On 10/12/07, Steve Atkins [EMAIL PROTECTED] wrote: On Oct 12, 2007, at 5:08 PM, Mark Foster wrote: (If some random dynamic IP host on the other side of the world started hitting my firewall for no apparent reason, i'd be raising my eyebrows too. Of course, these days, I have a much better idea of what is genuinely threatening and what isn't.) If there weren't a dynamic IP host on the other side of the world hitting my firewall I'd be calling my provider, 'cos I'd know my connection had gone down. Probably a good enough observation to call this thread DOA. -M