IPv6 Prefix Discovery Murray S. Kucherawy. Today IPv4-based email abuse prevention relies heavily on a database of IP addresses with bad reputations A.

Slides:



Advertisements
Similar presentations
BGP Unallocated Address Route Server Geoff Huston March 2002.
Advertisements

1 Taiwan Routing table statistics – a new service in TWNIC Ching-Heng Ku IP Department TWNIC.
DNS Proxy Bypass by Recursive DNS Discovery and LOCAL.ARPA draft-ietf-dns-recursive-discovery Ray Bellis IETF76 DNSOP WG Hiroshima, 11 th November 2009.
Internet Applications INTERNET APPLICATIONS. Internet Applications Domain Name Service Proxy Service Mail Service Web Service.
Applications Test Results in MIF environment draft-zheng-mif-apps-test-02.txt IETF 81 Quebec City.
Lecturer, Department of Computer Application
IP Address Presented by Ravi Namboori. IP Address IP Address is a numerical number assigned to each and every device which is looped in a computer network.
Connectivity  Colocation  Cloud Services Why You Can’t Ignore IPv6 Presented by Kirk Coviello VP of Support Services, Digital West Networks, Inc.
ARP Caching Christopher Avilla. What is ARP all about? Background Packet Structure Probe Announcement Inverse and Reverse Proxy Tools Poisoning MAC Flooding.
IPv6 Glue Why registrars need to support it Elise Gerich VP, IANA.
Internet Online Safety How to have FUN and Stay in Control.
What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via , text message, online chat, blogs or various other.
Bangkok October 2005 Slide 1 Whois Services Jaap Akkerhuis
Cyberbullying When good technology goes bad…….. Stay safe in cyberspace.
What is Cyber bullying? Cyber bullying is when a person, or a group of people, uses the internet, mobile phones or other digital technologies to threaten,
1 Aug. 3 rd, 2007Conference on and Anti-Spam (CEAS’07) Slicing Spam with Occam’s Razor Chris Fleizach, Geoffrey M. Voelker, Stefan Savage University.
An Engineering Approach to Computer Networking
How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
MOBILITY SUPPORT IN IPv6
Application Layer At long last we can ask the question - how does the user interface with the network?
Flash Crowds And Denial of Service Attacks: Characterization and Implications for CDNs and Web Sites Aaron Beach Cs395 network security.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
Wide-area cooperative storage with CFS
SM3121 Software Technology Mark Green School of Creative Media.
IP Subnetting CIT 307 Kevin Siminski.
Multicast DNS Draft-aboba-dnsext-mdns-00.txt. Outline Goals and objectives Scope of the multicast DNS DNS server discovery Non-zeroconf behavior Zeroconf.
CSE 461 Section (Week 0x02). Port numbers for applications MAC addresses for hardware IP addresses for a way to send data in a smart, routable way.
Ch. 31 Q and A IS 333 Spring 2015 Victor Norman. SNMP, MIBs, and ASN.1 SNMP defines the protocol used to send requests and get responses. MIBs are like.
Ch. 31 Q and A CS332 Spring Network management more than just Ethernet Q: Comer mentions that network managers need to be able to account for different.
Reverse DNS Delegations, Templates and RWS Andy Newton Chief Engineer.
IP Addressing. Dotted Decimal Notation IP addresses are written in a so-called dotted decimal notation Each byte is identified by a decimal number in.
2 © 2003, Cisco Systems, Inc. All rights reserved. RST-2002 IP Addressing.
Information-Centric Networks03a-1 Week 3 / Paper 1 What DNS is not –Paul Vixie –CACM, December 2009, vol. 52, no. 12 Main point –“DNS is many things to.
Chapter 16 – DNS. DNS Domain Name Service This service allows client machines to resolve computer names (domain names) to IP addresses DNS works at the.
Example applications Symbolic names and the Domain Name System (DNS)
1 Application Layer Lecture 6 Imran Ahmed University of Management & Technology.
Chord & CFS Presenter: Gang ZhouNov. 11th, University of Virginia.
Data Structures & Algorithms and The Internet: A different way of thinking.
Chapter 6 VLSM and CIDR.
Chapter 6 VLSM and CIDR CIS 82 Routing Protocols and Concepts Rick Graziani Cabrillo College Last Updated: 3/30/2008.
1 Barriers to Enum What VoIP providers ask about Enum Dr. Dorgham Sisalem.
Network Layer COM211 Communications and Networks CDA College Theodoros Christophides
CIDR Classless Inter Domain Routing Give the IP address space some breathing room! Basic idea: allocate the remaining IP addresses in variable-size blocks.
In your business. DATING!!! Take a few minutes and write down one of the best dates you have ever been on. Then we will have a few of you share your exciting.
Computer Networks Fall, 2007 Prof Peterson. CIS 235: Networks Fall, 2007 Western State College How’s it going??
ISPA’s Antispam Activities Bretton Vine, Future Foundation /
Information-Centric Networks Section # 3.2: DNS Issues Instructor: George Xylomenos Department: Informatics.
Information-Centric Networks Section # 3.1: DNS Issues Instructor: George Xylomenos Department: Informatics.
1 Ali C. Begen URLs and HTTP Response Forms for Multicast David Singer and Ali C. Begen IETF 92 –
The problem of spam from IPv6. Modern filters.
Ch 6: DNSSEC and Beyond Updated DNSSEC Objectives of DNSSEC Data origin authentication – Assurance that the requested data came from the genuine.
What is Cyber bullying? Cyber bullying is when a person, or a group of people, uses the internet, mobile phones or other digital technologies to threaten,
Basics of the Domain Name System (DNS) By : AMMY- DRISS Mohamed Amine KADDARI Zakaria MAHMOUDI Soufiane Oujda Med I University National College of Applied.
(Domain Name System) Ismael Ali Technology Context Chi.
Domain Name System (DNS) The Technology Context – B101 Coursework 2 The Technology Context – B101.
Ch. 23, 25 Q and A (NAT and UDP) Victor Norman IS333 Spring 2015.
Difference between External and Internal Server Monitoring.
Lecture 2 Page 1 CS 236 Online Security Policies Security policies describe how a secure system should behave Policy says what should happen, not how you.
COSC2410: LAB 19 INTRODUCTION TO MEMORY/CACHE DIRECT MAPPING 1.
What it is and how to stop it.  What spam is.  Why it can be dangerous.  How to handle it.
Lecture 2: Leaf-Spine and PortLand Networks
Network Layer Protocols
Forwarding and Routing IP Packets
What is Cyber bullying? Cyber bullying is when a person, or a group of people, uses the internet, mobile phones or other digital technologies to threaten,
Troubleshooting IP Addressing
Bell Ringer How can you protect your self online?
An Engineering Approach to Computer Networking
Presentation transcript:

IPv6 Prefix Discovery Murray S. Kucherawy

Today IPv4-based abuse prevention relies heavily on a database of IP addresses with bad reputations A database of addresses is no larger than 4.3 billion entries (of course) Most popular expression of these is the RBL (Realtime Block List, RFCxxxx), which is published via the DNS

RBLs Query: rbl-root, ask for A Reply: NXDOMAIN, or – Or sometimes the octets in the reply encode reputation data Caching and redundancy keep this functional and practical – …so far

IPv6 Vastly larger address space Not practical to consider tracking reputation about each of them No standard delegation size; commonly between /48 and /64 A spammer could send junk from such a network and rarely, if ever, re-use a single address

RBLs under IPv6 Ignoring database size for a moment, this still wont work A spammer changing IP address quickly will mean caching of previous answers becomes useless And other cached data will be flushed because of space limits So this would clobber the DNS in general

Whats needed We need to be able to figure out, given an IP address, the size of the endpoint delegation Allows address aggregation by reputation systems Keeps the query space about the same as it is for IPv4 now IRTF has an idea out there that allows the DNS to express IP ranges

Some ideas Publish it via WHOIS – WHOIS isnt standard and doesnt seem scalable – Some registrars cant be trusted to publish real data Get it from BGP – MTAs dont really have access to BGP data – Wed need a standard interface to exchange it between the lower layers and the higher ones

Can you help? Does this working groups mandate fit the idea of exploring this? Or does it belong in some other WG? How would you suggest we go about doing this?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.