Return-Path: <sentto-279987-3875-1005796052-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 14 Nov 2001 20:09:07 -0800 (PST) Received: (qmail 6284 invoked by uid 510); 15 Nov 2001 04:06:37 -0000 Received: from n26.groups.yahoo.com (216.115.96.76) by all.net with SMTP; 15 Nov 2001 04:06:37 -0000 X-eGroups-Return: sentto-279987-3875-1005796052-fc=all.net@returns.groups.yahoo.com Received: from [10.1.4.55] by n26.groups.yahoo.com with NNFMP; 15 Nov 2001 03:45:48 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 15 Nov 2001 03:47:32 -0000 Received: (qmail 83114 invoked from network); 15 Nov 2001 03:47:31 -0000 Received: from unknown (216.115.97.171) by m11.grp.snv.yahoo.com with QMQP; 15 Nov 2001 03:47:31 -0000 Received: from unknown (HELO red.all.net) (65.0.156.78) by mta3.grp.snv.yahoo.com with SMTP; 15 Nov 2001 03:47:30 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fAF3mEA23708 for iwar@onelist.com; Wed, 14 Nov 2001 19:48:14 -0800 Message-Id: <200111150348.fAF3mEA23708@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 14 Nov 2001 19:48:14 -0800 (PST) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:'Dark.web.space'.hides.net.nasties] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit 'Dark web space' hides net nasties By James Middleton, VNU Net, 11/14/2001 http://www.vnunet.com/News/1126843 Results of a three-year study on internet 'reachability' have confirmed that the web is partitioned and littered with pockets of 'dark web space' which are home to some of the internet's nasties. The existence of dark web space runs contrary to the common belief that the internet is one fully connected graph. The research suggests that the web is partitioned and some prefixes are available for some providers, and not others. But more worryingly, the study found that this dark space is often used as a launch pad for fleeting internet attacks or as a spamming platform. A report released by Arbor Networks has revealed that as much as five per cent of the internet could exist in dark web space, a figure representing tens of millions of possible end hosts. Arbor found that these short-lived routing activities, like spamming, indicated a misuse of the routing infrastructure. The findings backed up last month's warning from the Computer Emergency Response Team that hackers may increasingly be targeting routing infrastructures as a platform for denial of service attacks. These murky parts of the internet could also be used to intentionally 'black hole' a target network's traffic. Arbor also found a large number of SMTP servers, including over 40,000 unique mail sources, a number of which were associated closely with known spamming incidents. These net nasties work by exploiting inherent weaknesses in the web's routing infrastructure. If a router can stake a claim on a block of address space, the rest of the net's infrastructure will simply accept it and route all traffic for that block. Because routers aren't set up to log such incidents, these dark corners of the web represent pockets of malicious or sinister activity and "intentional misuse and co-option of the internet routing infrastructure", said Arbor. The research found that over 70 per cent of the discovered disenfranchised hosts responded to 'reachability' tests identifying them as cable or ISDN pools, as well as US military networks. Strangely, a further 24 per cent of hosts responded to active availability tests, but had neither addressing nor routing information available. Arbor is now researching further into this area. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Universal Inkjet Refill Kit $29.95 Refill any ink cartridge for less! Includes black and color ink. http://us.click.yahoo.com/Vv.L9D/MkNDAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:59 PST