Have you ever noticed that some websites can figure out, at least roughly, where you are? Sometimes they use it to find you a closer content provider. Or they might block you from seeing certain things while offering you other things specific to your location. This is possible because there are databases that map IPs to locations. [Mark Litwintschik] looks at using those databases from an API or downloading them into your own database. He also shows some very large database queries, which is interesting, too. He uses IPInfo, although there are other providers. Some only provide a limited number of lookups, but there are plenty of free tiers for low-volume usage.
The database changes every day. Of course, each provider has a different way of getting data, and so there are differences. [Mark] compares the IPInfo dataset against MaxMind’s also free database. That involved comparing over 3 billion records! Actually, the 3 billion are the number of IPs that matched up in both databases. There were an additional 118 million that didn’t match and 34 million that were not in the MaxMind database.
Continue reading “Where Exactly Did That Network Packet Come From?” →
This week we’re starting off with a somber note, as Dan Kaminsky passed at only 42, of diabetic ketoacidosis. Dan made a name for himself by noticing a weakness in DNS response verification that could allow attackers to poison a target DNS resolver’s cache. A theoretical attack was known, where spoofed DNS responses could collide with requests, but Time-To-Live values meant that DNS requests only go out once per eight hours or so. The breakthrough was realizing that the TTL limitation could be bypassed by requesting bogus subdomains, and aiming the spoofed responses at those requests. This simple technique transformed a theoretical attack that would take 87 years to a very real 10 second attack. Check out the period video after the break, where Dan talked about his efforts in getting the problem fixed.
Continue reading “This Week In Security: Dan Kaminsky, Banned From Kernel Development, Ransomware, And The Pentagon’s IPv4 Addresses” →
When did you first hear concern expressed about the prospect of explosive growth of the internet resulting in exhaustion of the stock of available IP addresses? About twenty years ago perhaps? All computers directly connected to the internet must have an individual unique address, and the IPv4 scheme used since the 1980s has a 32-bit address space that provides only 4,294,967,296 possibilities. All that growth now means that IPv4 addresses are now in short supply, and this week RIPE, the body which allocates them in Europe, has announced that it no longer has any to allocate. Instead of handing new address blocks they will instead now provide ones that have been relinquished for example by companies that have gone out of business, and parties interested can join a waiting list.
Is the Internet dead then? Hardly, because of course IPv6, the replacement for IPv4, has been with us for decades and has a much larger 128-bit address space. The problem is that there is a huge installed base of IPv4 infrastructure which has always been cited as the reason to delay its adoption, so the vast majority of the internet-connected world has remained with IPv4. Even in an IPv4 world there are opportunities to be more efficient in the use of addresses such as the network address translation or NAT that many private networks use to share one address between many hosts, so it’s not quite curtains for your smart TV or IoT light bulb even though the situation will not get any easier.
The mystery comes in why after so many years we still use IPv4 so much. Your home router and millions like it will pick up an IPv4 address from your broadband provider’s pool, and there seems little reason why it can not instead pick up an IPv6 address and contain a gateway between the two. The same goes for addresses outside the domestic arena, and even in out community we find that IPv6 networks at events are labelled as experimental. Perhaps this news will spur the change, but meanwhile we don’t expect to be using an IPv6 address day-to-day very soon.
We know among Hackaday’s readership there will be people close to the coalface when it comes to IPv6 adoption. As always the comments are open, and we’d like to hear your views.
Header: Robert.Harker [CC BY-SA 3.0].
When moving into a new house, it’s important to arrange for the connection of basic utilities. Electricity, water, and gas are simple enough, and then it’s generally fairly easy to set up a connection to an ISP for your internet connection. A router plugs into a phone line, or maybe a fiber connection and lovely packets start flowing out of the wall. But if you’re connected to the internet through an ISP, how is the ISP connected? [Kenneth] answers this in the form of an amusing tale.
It was during the purchase of data centre rack space that [Kenneth]’s challenge was laid down by a friend. Rather then simply rely on the connection provided by the data centre, they would instead rely on forging their own connection to the ‘net, essentially becoming their own Internet Service Provider.
This is known as creating an Autonomous System. To do this involves several challenges, the first of which is understanding just how things work at this level of networking. [Kenneth] explains the vagaries of the Border Gateway Protocol, and why its neccessary to secure your own address space. There’s also an amusing discussion on the routing hardware required for such a feat and why [Kenneth]’s setup may fall over within the next two years or so.
It’s not for the faint hearted, and takes a fair bit of paperwork, but [Kenneth] has provided an excellent guide to the process if you really, really just need to own your own corner of the internet. That said, there are other networking tricks to cut your teeth on if you’d like a simpler challenge, like tunneling IP over ICMP.