Bill,
> What percentage of the Internet traffic is junk?
I think two things needs to be clarified:
1. What is "junk"
(my $0.02: "junk" is what is as follows
and associated by-product traffic of:
- Viruses
- Worms
- Attacks of all kinds including DOS/dDOS
- Spam
- Crapware (
> Perhaps now I'm the one being pedantic, but you're confusing "somebody"
> with the owner of the resources involved in the sending.
Look, we're the ones asking what percentage of Internet traffic is junk, so
we're the somebody. We know what we mean and can do a reasonably good job of
ex
> Steve Gibbard wrote:
> If a few of you can stop being so pedantic for a second,
> the definition looks pretty easy to me: traffic unlikely
> to be wanted by the recipient.
This looks good to me although it also needs to include _return_ traffic
from junk traffic (say, you flood a target with IC
On Wed, 5 May 2004, Patrick W.Gilmore wrote:
>
> On May 5, 2004, at 2:39 PM, Smith, Donald wrote:
>
> > No. The router stays up. The tool I use is very fast. It floods the
> > GIGE
> > to the point that that interface is basically unusable but the router
> > itself stays up only the session is to
Perhaps now I'm the one being pedantic, but you're confusing "somebody"
with the owner of the resources involved in the sending.
What I said was, "presumably, if it's being sent that means *somebody*
wanted to send it."
Otherwise, we have to consider somebody doing what would otherwise be
legiti
> I'm not sure that I'd agree with this statement. What
> about the traffic from compromised sources? The pps
> floods or spam emails are not being created with the
> knowledge of the source, so it would be hard to say
> that the source "wanted" to send it.
Exactly. A great example is
At 01:56 PM 5/5/2004, Marshall Eubanks wrote:
Look at Table's 6, 7 and 8 - email, for example, is 1/2 %, so even if all
email
is spam, it's not that big a flow. Unidentified is typically about 30%, but
most of that is probably file sharing.
Thanks Marshall - a few others have said (paraphrasing):
> Once we can determine what percentage of nanog-l traffic is junk, we can
> start to tackle the bigger question :)
Sturgeon's Law provides a sufficient approximation, I think.
Stephen
Whenever I hear a question like this, I think of the weekly I2
netflow reports
http://netflow.internet2.edu/weekly/
http://netflow.internet2.edu/weekly/20040426/
Look at Table's 6, 7 and 8 - email, for example, is 1/2 %, so even if all email
is spam, it's not that big a flow. Unidentified is t
On 5/5/04 2:41 PM, "Brent Van Dussen" <[EMAIL PROTECTED]> wrote:
>
> One mans junk is another mans treasure :)
>
> -Brent
>
>
> At 11:21 AM 5/5/2004, William B. Norton wrote:
>
>> With all the spam, infected e-mails, DOS attacks, ultimately blackholed
>> traffic, etc. I wonder if there has b
--- Steve Gibbard <[EMAIL PROTECTED]> wrote:
>
> If a few of you can stop being so pedantic for a
> second, the definition
> looks pretty easy to me: traffic unlikely to be
> wanted by the recipient.
> Presumably, if it's being sent that means somebody
> wanted to send it, so
> the senders' desi
At 12:55 PM 5/5/2004, Steve Gibbard wrote:
If a few of you can stop being so pedantic for a second, the definition
looks pretty easy to me: traffic unlikely to be wanted by the recipient.
Presumably, if it's being sent that means somebody wanted to send it, so
the senders' desires are a pretty mean
Jeff Shultz wrote:
So instead of trying to determine what percentage of internet traffic
is junk, why don't we set up categories (I saw someone make a start at
it a couple of messages back) and figure out what percentage of traffic
fits under each category. We can come up with our own opinions as t
If a few of you can stop being so pedantic for a second, the definition
looks pretty easy to me: traffic unlikely to be wanted by the recipient.
Presumably, if it's being sent that means somebody wanted to send it, so
the senders' desires are a pretty meaningless metric.
The harder pieces are goi
On May 5, 2004, at 2:39 PM, Smith, Donald wrote:
No. The router stays up. The tool I use is very fast. It floods the
GIGE
to the point that that interface is basically unusable but the router
itself stays up only the session is torn down. I did preformed these
tests in a lab and did
not have full
So instead of trying to determine what percentage of internet traffic
is junk, why don't we set up categories (I saw someone make a start at
it a couple of messages back) and figure out what percentage of traffic
fits under each category. We can come up with our own opinions as to
which of those c
Very very very near to, but not quite 100%. Since almost all of the traffic
on the Internet isn't sourced by or destined for me, I consider it junk.
Also remember that to a packet kid, that insane flood of packets destined
for his target is the most important traffic in the world. And to a spamm
It might be interesting to get a sense of percentages of traffic that
are "undesireable" (spam, DDOS, etc), "administrative" (logging, snmp,
rmon, etc), and "user traffic".
On Wed, May 05, 2004 at 01:35:09PM -0500, Laurence F. Sheldon, Jr. wrote:
>
> William B. Norton wrote:
>
> >With all the s
One mans junk is another mans treasure :)
-Brent
At 11:21 AM 5/5/2004, William B. Norton wrote:
With all the spam, infected e-mails, DOS attacks, ultimately blackholed
traffic, etc. I wonder if there has been a study that quantifies
What percentage of the Internet traffic is junk?
Bill
No. The router stays up. The tool I use is very fast. It floods the GIGE
to the point that that interface is basically unusable but the router
itself stays up only the session is torn down. I did preformed these
tests in a lab and did
not have full bgp routing tables etc ... so your mileage may va
William B. Norton wrote:
With all the spam, infected e-mails, DOS attacks, ultimately blackholed
traffic, etc. I wonder if there has been a study that quantifies
What percentage of the Internet traffic is junk?
I don't know the answer in any case, but I would need a definition
for "Internet traff
With all the spam, infected e-mails, DOS attacks, ultimately blackholed
traffic, etc. I wonder if there has been a study that quantifies
What percentage of the Internet traffic is junk?
Bill
--On Wednesday, May 05, 2004 6:04 AM -0400 Matthew Crocker
<[EMAIL PROTECTED]> wrote:
We have all been through this before. Linux out of the box is generally
no more secure than Windows. Linux can also be misconfigured and hacked.
The reason why you don't see as many linux virus/worms is becau
At 01:26 PM 05/05/2004, [EMAIL PROTECTED] wrote:
On Wed, 05 May 2004 10:59:55 EDT, Mike Tancsa <[EMAIL PROTECTED]> said:
> Anyone else seeing Yahoo mail queue up today ?Some of their servers
> respond in about 10secs with the HELO banner, most others take more than
> 2m. Because of the recen
On Tue, 04 May 2004 16:58:40 PDT, chuck goolsbee <[EMAIL PROTECTED]> said:
>
> At 4:19 PM -0500 5/4/04, Laurence F. Sheldon, Jr. wrote:
> >chuck goolsbee wrote:
> >
> >>>However, up to 90% of the users *are* stupid:
>
> I didn't say that, I only quoted (Valdis Kletnieks) it... to which I
> repl
On Wed, 05 May 2004 10:59:55 EDT, Mike Tancsa <[EMAIL PROTECTED]> said:
> Anyone else seeing Yahoo mail queue up today ?Some of their servers
> respond in about 10secs with the HELO banner, most others take more than
> 2m. Because of the recent increase in SPAM, I was looking to reduce th
Of more interest.. does the router die (cpu load) before you brute force the
sessions down
Steve
On Tue, 4 May 2004, Smith, Donald wrote:
>
> I have seen 3 pubic ally available tools that ALL work.
> I have seen 2 privately tools that work.
> A traffic generator can be configured to successfu
> Matthew Crocker wrote:
> We require a NAT device or true firewall on all DSL
> customer connections. We sell cheap Linksys boxes
> to customers or they can upgrade to a SonicWall.
This makes a lot of sense to me. It's not a
silver bullet, but it does help.
> I still like PPPoE for customer aut
Anyone else seeing Yahoo mail queue up today ?Some of their servers
respond in about 10secs with the HELO banner, most others take more than
2m. Because of the recent increase in SPAM, I was looking to reduce the
wait time for the initial HELO to 2m from 5m. However, the RFC calls for 5m
%tcp-6-badauth: No MD5 digest from SRC.IP.NET.HOST(portnumber) to
DST.IP.NET.HOST(portnumber)
[EMAIL PROTECTED] GCIA
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC
pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC
kill -13 111.2
> -Original Message-
> From:
One time Agis (remember Agis) hired me to go down to the local
Pennsauken NAP to find out what was wrong with their remote access to
what was then a core router. Someone had swiped the $.10 silver satin
cord for the modem. Had to be the cheapest theft with the highest
consequences I have seen.
"william(at)elan.net" <[EMAIL PROTECTED]> writes:
> > Hmmm, are you saying that the solution to many so-called
> > Internet security vulnerabilities is for people to
> > use an SI Firewall, aka Simple, Inexpensive Firewall,
> > aka Stateful Inspection Firewall?
>
> Its not a real solution, its
Its not manufacturers who did not caught up (in fact they did and offer
very inexpensive personal dsl routers goes all the way to $20 range),
its
DSL providers who still offer free dsl modem (device at least twice
more
expensive then router) and free network card and complex and
instructions
on
On Wed, 5 May 2004 [EMAIL PROTECTED] wrote:
> > (To deflect the inevitable "NAT is not a firewall" complaints, the box
> is a
> > stateful inspection firewall -- as all NAT boxes actually are).
>
> Hmmm, are you saying that the solution to many so-called
> Internet security vulnerabilities i
Matthew Crocker wrote:
> We have all been through this before. Linux out of the box is generally
> no more secure than Windows.
I would disagree with that, but that gets into a religious argument.
Really, however, the distribution involved with Linux is more critical
than that it is Linux. Some
On May 5, 2004, at 5:13 AM, Paul Jakma wrote:
On Tue, 4 May 2004, chuck goolsbee wrote:
So maybe they WOULD be better with a "WebTV" model.
Or a Macintosh.
or a cheap Lidel or WalMart PC with Fedora 1 on it. Epiphany,
Evolution and OpenOffice would keep vast majority of the basic
computer users ha
On Tue, 4 May 2004, chuck goolsbee wrote:
> So maybe they WOULD be better with a "WebTV" model.
>
> Or a Macintosh.
or a cheap Lidel or WalMart PC with Fedora 1 on it. Epiphany,
Evolution and OpenOffice would keep vast majority of the basic
computer users happy. Distributions like Fedora[0] are
> (To deflect the inevitable "NAT is not a firewall" complaints, the box
is a
> stateful inspection firewall -- as all NAT boxes actually are).
Hmmm, are you saying that the solution to many so-called
Internet security vulnerabilities is for people to
use an SI Firewall, aka Simple, Inexpensiv
38 matches
Mail list logo
