Re: MEDIA: ICANN rejects .xxx domain
On 5/11/06, Robert Bonomi [EMAIL PROTECTED] wrote: If we can coral them in it and legislate to have no porn anywhere else than on .xxx ... should fix the issue for the prudes out there. And _that_ is *precisely* why not. grin There have been at least three generations of proposals for .xxx 1 - In the early days, before ICANN's coup, while there was still active discussion about how to manage the DNS, there were proposals to create .sex and/or .xxx to sell to porn sites, and some of the alt-root types succeeded in making some money doing so. 2 - A few years ago, some US prudes proposed creating a .xxx to exile all the porn sites too, and at some point proposals were made to ICANN to create it. 3 - Shortly thereafter, other US prudes who weren't in the loop heard that there was a proposal to have *pornography* on the *internet*, and got upset and tried to ban .xxx. Tree-structured hierarchies are so much fun - there's inherently the potential for a power struggle for ownership of the root, and it's quite easy for the tree to absorb competitors or be absorbed by competitors (e.g. foo.altrootgang1.altroots.net. or microsoft.com.icannroot. both work, though the former annoys fewer people.) And Peter says he's working with Joe Baptista, so he doesn't need Jim Fleming to make his net.troll quota for the month :-) (Joe may be a troll, but he's done some *really* impressive trolling, particularly involving fax machines and the Canadian government.) -- Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.
Re: MEDIA: ICANN rejects .xxx domain
On Friday 12 May 2006 23:47, Barry Shein wrote: The namespace *was* flat, once. That didn't scale, and not just because of technical limitations -- the fact that there are only so many useful combinations of 26 letters in a relatively short name had some weight in there too. Fortunately unicode has rather more than 26 letters, even the DNS allows rathers more than 26, except for the first character of a hostname. So hierarchical naming was standardized (some forms of nonstandard hierarchy existed before then), and it's unlikely we're going back anytime in the foreseeable future. But there's no technical advantage of a hierarchical system over a simple hashing scheme, they're basically isomorphic other than a hash system can more easily be tuned to a particular distribution goal. Amazing how many experienced people seem to be saying this isn't possible, given there are already schemes out there using flat namespaces for large problems (e.g. Skype, freenet, various file sharing systems). Most of these are also far more dynamic than the DNS in nature, and most have no management overhead with them, you run the software and the namespace just works. I looked at a couple of these, and sneezed out a new system for a friend in a couple of hours, when he needed one, without great effort, the main thing was to avoid known pitfalls. So far it seems to work. However I think the pain in DNS for most people is the hierarchy, but the diverse registration systems. i.e. It isn't that it is delegated, it is that delegates all do their own thing. I've always pondered doing a flat, simple part of the DNS, or even an overlay, but of course it needs a business model of sorts. The main motivation was security, as currently the DNS model lacks PKI, and it doesn't look as if any amount of reworking the existing protocols is going to provide a suitable security framework soon, unless you count HTTPS/SSL and that still doesn't handle virtual hosting, and adds yet more management overhead in a hierarchical trust model. I wouldn't have fancied doing any of these things when the DNS was conceived, but both hardware and software have moved on enormously. Eventually these technologies will be replaced, and if it isn't done in an open and shared manner, the technologies will be replaced by proprietary systems.
Re: MEDIA: ICANN rejects .xxx domain
But there's no technical advantage of a hierarchical system over a simple hashing scheme, they're basically isomorphic other than a hash system can more easily be tuned to a particular distribution goal. Amazing how many experienced people seem to be saying this isn't possible, given there are already schemes out there using flat namespaces for large problems (e.g. Skype, freenet, various file sharing systems). Most of these are also far more dynamic than the DNS in nature, and most have no management overhead with them, you run the software and the namespace just works. According to your description, this is a hierarchical naming system. At the top level you have Skype, freenet, etc. defining separate namespaces. Because DNS was intended to be a universal naming system, it had to incorporate the hierarchy into the system. However I think the pain in DNS for most people is the hierarchy, but the diverse registration systems. i.e. It isn't that it is delegated, it is that delegates all do their own thing. Seems to me that this is part of the definition of delegate. Some would say that this makes for a more robust system than a monolithic hierarchy where everyone has to toe the party line. I've always pondered doing a flat, simple part of the DNS, or even an overlay, but of course it needs a business model of sorts. It has been tried at least twice and failed. http://www.theregister.co.uk/2002/05/13/realnames_goes_titsup_com/ http://www.idcommons.net --Michael Dillon
Re: MEDIA: ICANN rejects .xxx domain
[EMAIL PROTECTED] wrote: But there's no technical advantage of a hierarchical system over a simple hashing scheme, they're basically isomorphic other than a hash system can more easily be tuned to a particular distribution goal. Amazing how many experienced people seem to be saying this isn't possible, given there are already schemes out there using flat namespaces for large problems (e.g. Skype, freenet, various file sharing systems). Most of these are also far more dynamic than the DNS in nature, and most have no management overhead with them, you run the software and the namespace just works. djbdns with its hashing technique could do that but Bind 9 would break. There is still the problem wich single point would manage that database. According to your description, this is a hierarchical naming system. At the top level you have Skype, freenet, etc. defining separate namespaces. Because DNS was intended to be a universal naming system, it had to incorporate the hierarchy into the system. However I think the pain in DNS for most people is the hierarchy, but the diverse registration systems. i.e. It isn't that it is delegated, it is that delegates all do their own thing. Seems to me that this is part of the definition of delegate. Some would say that this makes for a more robust system than a monolithic hierarchy where everyone has to toe the party line. I've always pondered doing a flat, simple part of the DNS, or even an overlay, but of course it needs a business model of sorts. It has been tried at least twice and failed. http://www.theregister.co.uk/2002/05/13/realnames_goes_titsup_com/ http://www.idcommons.net --Michael Dillon It seems to work now. Just google for Apple: Rendezvous and Bonjour There are libs for linux and Microsoft too. Both Rendezvous and Bonjour are working. There is an incompatible version from Microsoft too, some say it is vaporware but I can still their queries for '.local' on our nameservers. Cheers Peter and Karin Dambier -- Peter and Karin Dambier The Public-Root Consortium Graeffstrasse 14 D-64646 Heppenheim +49(6252)671-788 (Telekom) +49(179)108-3978 (O2 Genion) +49(6252)750-308 (VoIP: sipgate.de) mail: [EMAIL PROTECTED] mail: [EMAIL PROTECTED] http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/
Re: MEDIA: ICANN rejects .xxx domain
* [EMAIL PROTECTED] (Peter Dambier) [Mon 15 May 2006, 11:11 CEST]: Both Rendezvous and Bonjour are working. They are the same thing. Rendezvous got renamed Bonjour after a trademark dispute. See http://www.appleinsider.com/article.php?id=891 There is an incompatible version from Microsoft too, some say it is vaporware but I can still their queries for '.local' on our nameservers. You are in so out of your depth it's just not funny anymore. Is there any possibility you have future postings clue-checked by someone, to avoid further embarrassments to yourself? -- Niels. -- Calling religion a drug is an insult to drugs everywhere. Religion is more like the placebo of the masses. -- MeFi user boaz
Geo location to IP mapping
Hi all, Can any of you please recommend some IP-to-geo mapping database / web service ? I would like to get resolution down to city if possible. Thanks and Regards, -ashe
Re: Geo location to IP mapping
GeoIP - http://www.maxmind.com/geoip/ Ashe Canvar wrote: Hi all, Can any of you please recommend some IP-to-geo mapping database / web service ? I would like to get resolution down to city if possible. Thanks and Regards, -ashe -- Alain Hebert[EMAIL PROTECTED] PubNIX Inc. P.O. Box 175 Beaconsfield, Quebec H9W 5T7 tel 514-990-5911 http://www.pubnix.netfax 514-990-9443
Re: Geo location to IP mapping
AC Date: Mon, 15 May 2006 09:35:47 -0700 AC From: Ashe Canvar AC Can any of you please recommend some IP-to-geo mapping database / web AC service ? AC AC I would like to get resolution down to city if possible. Many people would. Don't hope for much better than country granularity -- and even _that_ frequently is incorrect. Try the .zz.countries.nerd.dk DNS zone for a quick-and-easy source. Disclosure: I'm not affiliated in any way, other than that I use it. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita DO NOT send mail to the following addresses: [EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED] Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
Re: Geo location to IP mapping
On 5/15/06, Ashe Canvar [EMAIL PROTECTED] wrote: Hi all, Can any of you please recommend some IP-to-geo mapping database / web service ? I would like to get resolution down to city if possible. The gold standard is MaxMind GeoIP. http://www.maxmind.com/ There are a couple free ones I've seen, but they are quite a bit less accurate. I can't think of them off the top of my head. As a major caveat, all geolocation services do have some degree of inaccuracy, because the sources of data are very diverse. (Some ISPs provide complete subnet maps to MaxMind and other providers, whereas some data is scraped from WHOIS or provided by inference from end-users.) -- -- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: Geo location to IP mapping
cough scam_snake_oil_etc /cough On Mon, 15 May 2006, Alain Hebert wrote: : :GeoIP - http://www.maxmind.com/geoip/ : :Ashe Canvar wrote: : : : Hi all, : : Can any of you please recommend some IP-to-geo mapping database / web : service ? : : I would like to get resolution down to city if possible. : : Thanks and Regards,
Re: Geo location to IP mapping
At 12:49 PM 5/15/2006, Brian Wallingford wrote: cough scam_snake_oil_etc /cough How so? -M -- Martin Hannigan(c) 617-388-2663 Renesys Corporation(w) 617-395-8574 Member of Technical Staff Network Operations [EMAIL PROTECTED]
RE: Geo location to IP mapping
Quova seems to be the premier service: http://www.quova.com/ I read a story on them some time ago and I was left with the impression that all the other players are rookies, but then again, you probably will pay heavily for this service. Geobytes is another one I've played with. We're a small ISP, and I know they've never asked for our ranges, so the best any of these could do would be on a multi-county basis. For kicks I would like to try an IP address from each of our subnets and see how they do. Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ashe Canvar Sent: Monday, May 15, 2006 11:36 AM To: [EMAIL PROTECTED] Subject: Geo location to IP mapping Hi all, Can any of you please recommend some IP-to-geo mapping database / web service ? I would like to get resolution down to city if possible. Thanks and Regards, -ashe
Re: Geo location to IP mapping
I'm not quite comfortable with the idea of building a market audience based on data with at best dubious accuracy. On Mon, 15 May 2006, Martin Hannigan wrote: :At 12:49 PM 5/15/2006, Brian Wallingford wrote: : :cough scam_snake_oil_etc /cough : : :How so?
Re: Geo location to IP mapping
It works for spammers. - billn On Mon, 15 May 2006, Brian Wallingford wrote: I'm not quite comfortable with the idea of building a market audience based on data with at best dubious accuracy. On Mon, 15 May 2006, Martin Hannigan wrote: :At 12:49 PM 5/15/2006, Brian Wallingford wrote: : :cough scam_snake_oil_etc /cough : : :How so?
Re: Geo location to IP mapping
Thanks for all your replies. I came across http://www.hostip.info/use.html, which looks good, at least from a API/ ease of use prespective. So how would the illustrious people on nanog solve the folowing issue: + PHB walks into my office and asks for a global distribution of my 500K customers. + Preferably wants a gigantic world map with realtime visualization of where the currently active customers are I can solve the visualization part and the GIS issues. But comes down to the accuracy of the geo-ip database in the end. -ashe On 5/15/06, Bill Nash [EMAIL PROTECTED] wrote: It works for spammers. - billn On Mon, 15 May 2006, Brian Wallingford wrote: I'm not quite comfortable with the idea of building a market audience based on data with at best dubious accuracy. On Mon, 15 May 2006, Martin Hannigan wrote: :At 12:49 PM 5/15/2006, Brian Wallingford wrote: : :cough scam_snake_oil_etc /cough : : :How so?
Re: Geo location to IP mapping
Well, I'm sure that everybodies here understand that the city databases cannot be accurate more than 50%. The way we disperse static IP on commercial accounts there is not way they can figure out where the destination is. The last best guest will be the peer router before my routers. For me the country db is good enought for basic webalizer report for the customers websites. (This way my customers dont waste queries to countries.nerd.dk on non-spam related things) Have fun... Bill Nash wrote: It works for spammers. - billn On Mon, 15 May 2006, Brian Wallingford wrote: I'm not quite comfortable with the idea of building a market audience based on data with at best dubious accuracy. On Mon, 15 May 2006, Martin Hannigan wrote: :At 12:49 PM 5/15/2006, Brian Wallingford wrote: : :cough scam_snake_oil_etc /cough : : :How so? -- Alain Hebert[EMAIL PROTECTED] PubNIX Inc. P.O. Box 175 Beaconsfield, Quebec H9W 5T7 tel 514-990-5911 http://www.pubnix.netfax 514-990-9443
Re: Geo location to IP mapping
IP location services are a niche service, they won't work in the broad sense of things. Sites that need to make lawyers happy, such as MLB.com will work well with IP location services. MLB.Com basically says they won't broadcast Dodger home games in the LA area on their website. (Or any team in their home market) Obviously there are ways to hide your location, but as long as the services offers reasonable results there will be demand for these services. Remember most of these IP location services were originally founded for advertisting reasons, not anti-fraud. KevinOn 5/15/06, Brian Wallingford [EMAIL PROTECTED] wrote: I'm not quite comfortable with the idea of building a market audiencebased on data with at best dubious accuracy.On Mon, 15 May 2006, Martin Hannigan wrote::At 12:49 PM 5/15/2006, Brian Wallingford wrote: ::cough scam_snake_oil_etc /cough:::How so?
Re: Geo location to IP mapping
On Mon, 15 May 2006 13:14:41 EDT, Bill Nash said: It works for spammers. Certainly explains all the Turkish spam I get, what with me being just outside Ankara and all. pgpEfHJbvAwB0.pgp Description: PGP signature
Re: Geo location to IP mapping
At 01:56 PM 5/15/2006, [EMAIL PROTECTED] wrote: On Mon, 15 May 2006 13:14:41 EDT, Bill Nash said: It works for spammers. Certainly explains all the Turkish spam I get, what with me being just outside Ankara and all. That's likely because they are attempting to do some sort of location analysis themselves and have limited data to work with. Spammers are generally not stupid. They are cheap since their ability o generate revenue is randomized based on the exploit of the day, so to speak. Targeting you with Turkish ads is probably a combination of being cheap and someone possibly stupid. Anyhow...before this thread turns into the debacle of incorrect information that the NTP one did -- Typically, an ip address is analyzed by using multiple sources of data. An attempt is made at a triangulation of sorts with both good and bad bits compared. As the good bits build the confidence factor in the triangulation rises. So you could have 2 pieces of info that do correlate, bring in the whois record, no correlation with that, and then toss it and bring something else in. Whois accuracy is not a factor here. Geo location isn't perfect, but it's not bad. I've heard of accuracy levels as high as 90% and I don't think that's too far fetched. With HostIP reporting 50% on the user survey and them being what I can demonstrate as bad, 90% isn't a stretch at all. Look at a geo use case. If there were a cyber threat level, a defcon so to speak, and the highest level is 5 and we reach this level someday, it could be prudent to build filter lists based on geo located routing table data and begin to block and log certain sources based on the threat level alone. Good geo data makes this entirely feasible. Applying this type of thinking to Internet doomsday scenarios will be key in survivability, IMHO. If you want every solution to be 100%, we're likely to be down for some factor longer than we need to be. Anyhow, back to your regularly scheduled show. :-) -M -- Martin Hannigan(c) 617-388-2663 Renesys Corporation(w) 617-395-8574 Member of Technical Staff Network Operations [EMAIL PROTECTED]
Re: Geo location to IP mapping
In article [EMAIL PROTECTED], Ashe Canvar [EMAIL PROTECTED] writes Thanks for all your replies. I came across http://www.hostip.info/use.html, which looks good, at least from a API/ ease of use prespective. I just tried that, says I'm 100 miles south of where I really am. That's quite a long way out in a small country like England. -- Roland Perry
Re: Geo location to IP mapping
At 03:56 PM 5/15/2006, Alexander Harrowell wrote: This is a frequent source of silly news stories - viz. the recent one, based on Google Trends, that Birmingham (UK) is the top city for porn searches and Brentford (UK) in the top five despite being a small suburb of London. Reason: both are the location of big isp NOCs. Since you completely ignored the security aspect, I'll address your reference to Google Trends. This is what you are probably talking about: http://www.google.com/trends?q=porn If what you are saying is true, that's some pretty bad geo-location and YMMV, but what source are you using to discount Googles numbers? Are you saying that everyone on all 3 shifts in those two large NOC's are searching for Porn on Google? Or are you saying that all their netblocks are in whois and have roles that state their blocks are located at those NOC's? If it's the latter, that would support either you being innacurtae in your assumption about the Trend, or google being wrong. I'd need more proof that Google is that far off and that it would appear as though they are simply using whois registrations for geo locating in their Trends product. I'd tend to doubt it. Anything is possible, I suppose. -M On 5/15/06, Martin Hannigan mailto:[EMAIL PROTECTED][EMAIL PROTECTED] wrote: At 01:56 PM 5/15/2006, mailto:[EMAIL PROTECTED][EMAIL PROTECTED] wrote: On Mon, 15 May 2006 13:14:41 EDT, Bill Nash said: It works for spammers. Certainly explains all the Turkish spam I get, what with me being just outside Ankara and all. That's likely because they are attempting to do some sort of location analysis themselves and have limited data to work with. Spammers are generally not stupid. They are cheap since their ability o generate revenue is randomized based on the exploit of the day, so to speak. Targeting you with Turkish ads is probably a combination of being cheap and someone possibly stupid. Anyhow...before this thread turns into the debacle of incorrect information that the NTP one did -- Typically, an ip address is analyzed by using multiple sources of data. An attempt is made at a triangulation of sorts with both good and bad bits compared. As the good bits build the confidence factor in the triangulation rises. So you could have 2 pieces of info that do correlate, bring in the whois record, no correlation with that, and then toss it and bring something else in. Whois accuracy is not a factor here. Geo location isn't perfect, but it's not bad. I've heard of accuracy levels as high as 90% and I don't think that's too far fetched. With HostIP reporting 50% on the user survey and them being what I can demonstrate as bad, 90% isn't a stretch at all. Look at a geo use case. If there were a cyber threat level, a defcon so to speak, and the highest level is 5 and we reach this level someday, it could be prudent to build filter lists based on geo located routing table data and begin to block and log certain sources based on the threat level alone. Good geo data makes this entirely feasible. Applying this type of thinking to Internet doomsday scenarios will be key in survivability, IMHO. If you want every solution to be 100%, we're likely to be down for some factor longer than we need to be. Anyhow, back to your regularly scheduled show. :-) -M -- Martin Hannigan(c) 617-388-2663 Renesys Corporation(w) 617-395-8574 Member of Technical Staff Network Operations mailto:[EMAIL PROTECTED][EMAIL PROTECTED] -- Martin Hannigan(c) 617-388-2663 Renesys Corporation(w) 617-395-8574 Member of Technical Staff Network Operations [EMAIL PROTECTED]
AW: Geo location to IP mapping
Hostip.info is so bad... One can find the exact location of my ip in the ripe-database and the tool doesn't get it. It claimed that I'm in some sort of 100souls small town altough I'm living in a major city. And hey: I was using an ip out of a hoster's block - not a dialup or something like that. Tss -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Roland Perry Gesendet: Montag, 15. Mai 2006 22:06 An: nanog@merit.edu Betreff: Re: Geo location to IP mapping In article [EMAIL PROTECTED], Ashe Canvar [EMAIL PROTECTED] writes Thanks for all your replies. I came across http://www.hostip.info/use.html, which looks good, at least from a API/ ease of use prespective. I just tried that, says I'm 100 miles south of where I really am. That's quite a long way out in a small country like England. -- Roland Perry
Re: Geo location to IP mapping
The NSA was granted a patent for an IP geo-location technology based on triangulation using latency measures. We played around with a similar approach using UDP several years ago and you could triangulate to the zip code level or so. A better way I think than the current approaches being discussed. Not sure if the NSA patent is being commercialized or not though. http://news.com.com/NSA+granted+Net+location-tracking+patent/2100-7348_3-5875953.html
Re: Geo location to IP mapping
Yeap, I'm moron. You didn't know it yet? - Come on... The way we disperse static IP ain't imagination, its fact... We spread a /20 on dynamic dialup and dsl over 2 provinces and since most of the residential services is build like this you cannot get a read of where that ip user is located, unless you have also access to our customers db and authentication account db too. The best you'll get is country. Even then we have some that are LanEx'ed in europe and usa. (FYI: English is not my first language btw... so dont expect too much) David Schwartz wrote: I'm sure that everybodies here understand that the city databases cannot be accurate more than 50%. They *cannot* be? The way we disperse static IP on commercial accounts there is not way they can figure out where the destination is. The last best guest will be the peer router before my routers. For me the country db is good enought for basic webalizer report for the customers websites. (This way my customers dont waste queries to countries.nerd.dk on non-spam related things) This is a pure argument from lack of imagine. They most certainly can be. Hypothetically, consider a company that had access to sales and account databases from sites like eBay, Amazon, and the like. It extracts from this database IP/city pairs. From this, it could do much better than 50%. You are basing your conclusions on your own lack of imagination. DS -- Alain Hebert[EMAIL PROTECTED] PubNIX Inc. P.O. Box 175 Beaconsfield, Quebec H9W 5T7 tel 514-990-5911 http://www.pubnix.netfax 514-990-9443
Re: Geo location to IP mapping
At 05:36 PM 5/15/2006, Alain Hebert wrote: Yeap, I'm moron. You didn't know it yet? I already mentioned the NTP thread. Let's not relive it. There are some facts: 1. Geo location is a real application 2. There are multiple methods for obtaining the location (accuracy varies) 3. I wouldn't use current ip geo location to pinpoint UBL, but perhaps knowing where his post office is... 4. it's reliable enough for security applications and advertising, depending upon your method, provider, and use case I could offer more examples of improving the accuracy on a geo-asp provider level, but I think more than enough has been said about the topic to make it clear to the average reader. Take a look at the NSA patent mentioned. It's here and it's free: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1Sect2=HITOFFd=PALLp=1u=%2Fnetahtml%2FPTO%2Fsrchnum.htmr=1f=Gl=50s1=6947978.PN.OS=PN/6947978RS=PN/6947978 -M -- Martin Hannigan(c) 617-388-2663 Renesys Corporation(w) 617-395-8574 Member of Technical Staff Network Operations [EMAIL PROTECTED]
Re: Geo location to IP mapping
RP Date: Mon, 15 May 2006 21:05:35 +0100 RP From: Roland Perry RP I just tried that, says I'm 100 miles south of where I really am. That's RP quite a long way out in a small country like England. me too Home cable returned haven't got a clue. I tried a couple other netblocks that returned different places in Florida, Mississippi, and Illinois. Not too good when the correct answers are Kansas and California. /me too *yawn* Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita DO NOT send mail to the following addresses: [EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED] Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
network triangulation (Re: Geo location to IP mapping)
Date: Mon, 15 May 2006 17:24:48 -0400 From: [EMAIL PROTECTED] The NSA was granted a patent for an IP geo-location technology based on triangulation using latency measures. It could probably be foiled by this patented technology: http://www.tinyurl.com/ebu6t which is equally reliable and useful. ;-) ObOp: Latency and jitter cause problems with triangulation. I find zipcode-level accuracy hard to believe for a predictive system. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita DO NOT send mail to the following addresses: [EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED] Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
Re: Geo location to IP mapping
AH Date: Mon, 15 May 2006 23:24:13 +0100 AH From: Alexander Harrowell AH [W]hen the path is [...] it won't be quite that clear. Exactly. It's a bit different than triangulating cell towers based on signal strength. Since when does the NSA patent things, anyhow? I'd think they would keep secret anything that's actually effective. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita DO NOT send mail to the following addresses: [EMAIL PROTECTED] -*- [EMAIL PROTECTED] -*- [EMAIL PROTECTED] Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter.
Re: Geo location to IP mapping
On May 15, 2006, at 4:36 PM, Alain Hebert wrote: Yeap, I'm moron. You didn't know it yet? - Come on... The way we disperse static IP ain't imagination, its fact... We spread a /20 on dynamic dialup and dsl over 2 provinces and since most of the residential services is build like this you cannot get a read of where that ip user is located, unless you have also access to our customers db and authentication account db too. The best you'll get is country. Even then we have some that are LanEx'ed in europe and usa. (FYI: English is not my first language btw... so dont expect too much) We use a Geo/IP location database. It's surprisingly accurate, with a few exceptions. The company we purchased the database from uses a number of sources of data, to produce something pretty accurate: 1) WHOIS records for the IP assignment 2) WHOIS records for domain in the PTR record for the IP 3) Parsing the PTR record for city names and airport codes 4) Purchasing IP/billing and shipping city,state,zip records from sites with accurate records (e-commerce and other sites that people need to enter their local info) 5) All of the above for the hop or two before the end in a traceroute 6) BGP and traceroute comparisons to determine where the boundaries are in how you've internally routed things Even if you're just allocating from a single /20, you probably have some hierarchy, and that can be picked up through routing or DNS or SWIP. Comparing the database to the IP that our customers used to make purchases we exceed 95% accuracy in identifying the country, and 75-85% in city/state. The big exception is AOL, since their IP assignments are pretty well randomized with respect to geography. Never underestimate what can be done through regular expressions and an army of people sitting at terminals in China to verify what can't be automated. :) For those of you really interested, email me privately and i'll dump what we have on record for a block or two of yours.
Re: Geo location to IP mapping
Google's available geolocation resources are much more direct: They can get the information directly from the user. Google mail users setting location information, google home page users setting weatherbug details, common location searches in google maps, or local business directory searches. Taken in connection with neighboring IPs, you can generate the correlations statistically, even going so far as being able to make a good guess at a dialup IP versus an 'always on' connection. This would be the same for MSN, Yahoo search, or any portal based search engine. Forget relying on a thousand different companies hopefully keeping accurate records, *if any* about what IP where. The user is, for once, a much better source of information. - billn On Mon, 15 May 2006, Kevin Day wrote: We use a Geo/IP location database. It's surprisingly accurate, with a few exceptions. The company we purchased the database from uses a number of sources of data, to produce something pretty accurate: 1) WHOIS records for the IP assignment 2) WHOIS records for domain in the PTR record for the IP 3) Parsing the PTR record for city names and airport codes 4) Purchasing IP/billing and shipping city,state,zip records from sites with accurate records (e-commerce and other sites that people need to enter their local info) 5) All of the above for the hop or two before the end in a traceroute 6) BGP and traceroute comparisons to determine where the boundaries are in how you've internally routed things Even if you're just allocating from a single /20, you probably have some hierarchy, and that can be picked up through routing or DNS or SWIP. Comparing the database to the IP that our customers used to make purchases we exceed 95% accuracy in identifying the country, and 75-85% in city/state. The big exception is AOL, since their IP assignments are pretty well randomized with respect to geography. Never underestimate what can be done through regular expressions and an army of people sitting at terminals in China to verify what can't be automated. :) For those of you really interested, email me privately and i'll dump what we have on record for a block or two of yours.
Re: Geo location to IP mapping
From [EMAIL PROTECTED] Mon May 15 17:42:13 2006 From: Kevin Day [EMAIL PROTECTED] Subject: Re: Geo location to IP mapping Date: Mon, 15 May 2006 17:40:23 -0500 We use a Geo/IP location database. It's surprisingly accurate, with a few exceptions. [[ sneck ]] Comparing the database to the IP that our customers used to make purchases we exceed 95% accuracy in identifying the country, and 75-85% in city/state. The big exception is AOL, since their IP assignments are pretty well randomized with respect to geography. *dynamically* randomized, no less, or so I've been told. As in: _all_ the customer session addresses are assigned out of *one* DHCP pool. I thought that 'unlikely', considering the mayhem on internal routing tables, but the AOL rep was rather insistant that that _was_ the case. They also have 'virtual' POPs, where they just backhaul ('tens if not hundreds' of miles, in same cases) voice, rather than having any physical equipment present.
Re: Geo location to IP mapping
Hi, (In a more precise manner) I originaly stated that below country (aka, province/state, city, zip, etc) it wont be very reliable because in my experience we spread that /20 without the hierarchy you expect. Meaning: . We have subnets on LanEx going outside the city, province/state and even country; . We concentrate compagny with 10 to 50 sites using private ip and a single internet point; . We have dynamic ip users using cable, dsl, dialup and even long-distance dialup; More?: I'm sure peoples have many more of hierarchy situation like this one. Solution: None really, short of having access the real infrastruture of the ISP. I'm sure the IP Location Industry have deals with the major ISP to get their DB more precise. But if the targeted IP is on a smaller outfit the quality of the informations will not be the same. This is why I stated that globally the state/city should be pretty low (50%). That good that you have 75% to 85% but I wasn't ignoring the AOL's in my statement. That's all. (FYI: The NTP Issue has been resolved (;-} ) Kevin Day wrote: On May 15, 2006, at 4:36 PM, Alain Hebert wrote: We use a Geo/IP location database. It's surprisingly accurate, with a few exceptions. The company we purchased the database from uses a number of sources of data, to produce something pretty accurate: 1) WHOIS records for the IP assignment 2) WHOIS records for domain in the PTR record for the IP 3) Parsing the PTR record for city names and airport codes 4) Purchasing IP/billing and shipping city,state,zip records from sites with accurate records (e-commerce and other sites that people need to enter their local info) 5) All of the above for the hop or two before the end in a traceroute 6) BGP and traceroute comparisons to determine where the boundaries are in how you've internally routed things Even if you're just allocating from a single /20, you probably have some hierarchy, and that can be picked up through routing or DNS or SWIP. Comparing the database to the IP that our customers used to make purchases we exceed 95% accuracy in identifying the country, and 75-85% in city/state. The big exception is AOL, since their IP assignments are pretty well randomized with respect to geography. Never underestimate what can be done through regular expressions and an army of people sitting at terminals in China to verify what can't be automated. :) For those of you really interested, email me privately and i'll dump what we have on record for a block or two of yours. -- Alain Hebert[EMAIL PROTECTED] PubNIX Inc. P.O. Box 175 Beaconsfield, Quebec H9W 5T7 tel 514-990-5911 http://www.pubnix.netfax 514-990-9443
Re: Geo location to IP mapping
I seriously doubt this would work to better than the regional area. My zip code (20124) region is about 5 km across, which would be 15 microseconds in vacuum, and maybe at most 50 micro seconds in glass. So, you would need accuracies at the 10's of microsecond level to specify zip codes. I can believe that you can measure transmission times down a fiber and achieve repeatability at the microsecond level - in fact, I remember a Michelson interferometer that they set up at JPL / Goldstone that tested the Sagnac effect in glass, which required substantially better repeatibility than that. But do you really think that you can estimate the router delay on the (for example) 9 hops between here and GMU to better than 1 millisecond each ? (That would imply a 3 millisecond rms error if these errors were random and Gaussian, or about 1000 km in vacuum, and maybe 500 km error in glass.) So, I think that this would fail by at least 2 orders of magnitude for zip codes in a real operational network. Which coast of the US, sure, but not much better than that. Regards Marshall On May 15, 2006, at 5:24 PM, [EMAIL PROTECTED] wrote: The NSA was granted a patent for an IP geo-location technology based on triangulation using latency measures. We played around with a similar approach using UDP several years ago and you could triangulate to the zip code level or so. A better way I think than the current approaches being discussed. Not sure if the NSA patent is being commercialized or not though. http://news.com.com/NSA+granted+Net+location-tracking+patent/ 2100-7348_3-5875953.html
Re: Geo location to IP mapping
On Mon, 15 May 2006 21:49:31 -0400, Marshall Eubanks [EMAIL PROTECTED] wrote: I seriously doubt this would work to better than the regional area. My zip code (20124) region is about 5 km across, which would be 15 microseconds in vacuum, and maybe at most 50 micro seconds in glass. So, you would need accuracies at the 10's of microsecond level to specify zip codes. I can believe that you can measure transmission times down a fiber and achieve repeatability at the microsecond level - in fact, I remember a Michelson interferometer that they set up at JPL / Goldstone that tested the Sagnac effect in glass, which required substantially better repeatibility than that. But do you really think that you can estimate the router delay on the (for example) 9 hops between here and GMU to better than 1 millisecond each ? (That would imply a 3 millisecond rms error if these errors were random and Gaussian, or about 1000 km in vacuum, and maybe 500 km error in glass.) So, I think that this would fail by at least 2 orders of magnitude for zip codes in a real operational network. Which coast of the US, sure, but not much better than that. I suspect you can do that; a bigger factor is the link type of the last hop. Cable modems, DSL, 802.11 -- they all have characteristic delays. The important insight is that you care about *minimum* time. You can lots of queueing delays and jitter most of the time, as long as you get one packet through unobstructed. Send enough probes and you'll make it. I did some similar work in 1992; see http://www.cs.columbia.edu/~smb/papers/netmeas.pdf for details. You couldn't repeat, today, exactly what I did then, because of the way pings are handled by modern routers, but I suspect one could find analogous schemes. To give one example of what I could tell -- and I was looking at the per-byte cost -- I was able to determine, from New Jersey, that a router outside Chicago was misconfigured; the site's backbone Ethernet should have been on the same card as the serial line (in the days of T-1 interfaces...), because copying the packet across the backplane introduced a noticeable per-byte delay. --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Re: Geo location to IP mapping
On Mon, 15 May 2006, Roland Perry wrote: http://www.hostip.info/use.html, which looks good, at least from a API/ ease of use prespective. I just tried that, says I'm 100 miles south of where I really am. That's quite a long way out in a small country like England. 1.3ms is longer in small countries like England? -Bill