Saturday, October 20, 2001
Topic/Presenter |
---|
Full AbstractThe Internet is a battleground, with ISP's and their customers right in the middle of the line of fire. What ISPs need to protect themselves are tools and techniques that work in the line of fire, i.e., tools that fight DoS attacks and provide something other than a busy signal on the customer service line. Speakers |
Full AbstractThis tutorial addresses the building blocks of IP routing protocol scalability (hierarchy, redundancy, and addressing and summarization) along with protocol-specific issues. BGP, ISIS and OSPF configurations and parameters are explored. The examples presented include a set of protocol-specific "best practices." Speakers |
Sunday, October 21, 2001
Topic/Presenter |
---|
Full AbstractSpeakers |
Full AbstractSpeakers |
|
RecordingsFull AbstractThis tutorial introduces service providers to some of the features available in BGP to aid multihoming to the Internet. After an explanation of multihoming and the principles being followed in this tutorial, several examples involving different scenarios will be given. This includes the options available when multihoming to the same ISP (including RFC2270) and to different upstreams. Configurations for modifying inbound and outbound traffic flows are covered. The tutorial concludes with a case study, and an examination of the use of BGP communities by several ISPs. Speakers |
Full AbstractThis session highlights new techologies for optical-based networks. The tutorial begins by examining how service providers have constructed their networks in the past in order to cope with the need for IP bandwidth. System equipment layers are discussed, and how they are now being collapsed into an emerging two-layer network. Future technology directions are then explored, including pure photonic routers. We then discuss how network architectures will look, along with their benefits. An in-depth look is taken at generalized MPLS (GMPLS), which allows the IP routing layer to share a common control plane with the optical transmission layer. The importance of this is explained and why it could be the basis for building IP service infrastructures of the future. Speakers |
Full AbstractThe goal of this presentation will be to introduce NOBAD, the Network Oriented Basic Anomaly Detection Infrastructure. NOBAD, a volunteer effort, aims to provide a means of distributed network performance and anomaly measurements to quickly detect network problems. These could include line saturation or CPU spikes, which might be signs of denial of service attacks or technical problems. NOBAD consists of a number of sensors deployed throughout the network and a smaller number (where 'number' is an arbitrary amount from one to n) of so-called aggregators to collect data and react accordingly. Speakers |
RecordingsFull AbstractThis presentation describes a network service model for high-speed Metropolitan Area Network (MAN) service providers to deliver economical services between cities. It utilizes a distance-insensitive IP NSP as a WAN partner for inter-city services, simplifies MAN operation, and improves the scalability of a traditional standard overlay model by allowing the MAN provider to peer with the NSP for both Internet transit and inter-city MAN services (e.g., transparent LAN services.) Speakers |
RecordingsFull AbstractThis presentation considers whether service providers should roll out MPLS in their networks, and what questions they should ask in arriving at the answer. Kompella addresses commonly asked questions, such as "What's the benefit of using MPLS vs. ATM?", "MPLS vs. IP?" and "Are the benefits of MPLS worth rolling out new protocols?" He also suggests more fundamental questions that should be asked. Speakers |
Monday, October 22, 2001
Topic/Presenter |
---|
RecordingsFull AbstractSpeakers |
Full AbstractCisco Systems |
Full AbstractNow more than ever, Internet Service Providers are focusing on ways to increase the resiliency of their networks and, if at all possible, reduce their operating costs at the same time. Past research (Peering Decision Tree, presented at NANOG 19, and A Business Case for Peering) demonstrates the economic tradeoffs of peering and highlight the simple but challenging first step: How to know who to talk with at an ISP to get peering set up? Speakers |
Full AbstractSpeakers |
RecordingsFull AbstractSpeakers |
|
RecordingsFull AbstractAfter the horrific attacks of September 11, Matrix.Net was asked by the Office of the President to track the effects on the Internet and to examine past records for any unusual incidents. Salus presents data, maps, and graphs for Internet performance on September 11 and during earlier disruptive events. Speakers |
RecordingsFull AbstractUsing details gathered from both small and larage providers in New York, the rest of the USA, and overseas, Donelan discusses the events and aftermath of September 11 from an operators' point of view. Speakers |
RecordingsFull AbstractOn the morning of September 11, 2001, after the terrorist attacks in New York and Washington, many Internet users tried to get news and information over the Internet, only to be met with sluggish performance or unavailable websites. These problems were compounded for users in New York because of the general unavailability of terrestrial broadcasts after the structural failure of the World Trade Center. By contrast, multicasting, which was designed to deal with sudden audience spikes, did not suffer any known outages, and multicast video audiences increased to unprecedented levels. At Networld+Interop in Atlanta, which was ongoing at the time of the attacks, "the crowds around the one [multicast] display had grown so large as to constitute a fire hazard, [while] all the major news web sites had completely melted down." Speakers Rich Mavrogeanes, Vbrick |
Full AbstractThis talk highlights recent trends in denial of service attack technology from the perspective of CERT's analysis of the continued development, deployment, and use of denial of service attack tools by intruder communities. Speakers |
Full AbstractSpeakers |
Full AbstractThis talk provides an overview of CAIDA's analyses of http://www.caida.org/research/security/code-red/" TARGET="_BLANK">Code Red and other recent worms Speakers |
RecordingsFull AbstractThis presentation takes a real-world look at DoS attacks, concentrating on those launched in relation to Internet Relay Chat (IRC). We will cover the psychology of those who launch DoS attacks, the tools and methods they use, and our successes with tracking and prosecution of these individuals. Additionally, we will cover our tried-and-tested methods of observing, tracking, and defending against these attacks. Finally, we will focus on the effects of these attacks on nearby machines and network infrastructure. Speakers Steven Schechter, Globix Jason Slagle, Toledo Internet Access |
RecordingsFull AbstractNetwork engineers have been known to use diversion to blackhole DDoS attacks. This technique may divert and blackhole legitimate traffic. We present a method that provides availability under DDoS attacks by combining different diversion methods with a mechanism that sieves the "bad" packets and forwards the "good" packets to the intended victim. The method minimizes demand on router resources and does not introduce additional elements on the normal data path. Speakers Anat Bremler-Barr, Tel-Aviv Univ. & WANWall |
|
RecordingsFull AbstractIn this talk, we explore the degree to which commercial strategies, peering disputes, network failures, misconfiguration, and occasionally, malicious intent, lead to a partitioning of Internet topology. Specifically, we present a three-year study of the differences in Internet provider reachability. We focus on "dark address space," or the range of topology accessible from one provider, but unreachable via one or more competitor networks. We present active and passive measurements of these differences on time scales ranging from several seconds to multiple months. Speakers |
RecordingsFull AbstractThis talk will present our measurement and analysis of multiple origin AS (MOAS) conflicts in observed BGP updates, as well as a proposal for use of a community attribute and DNS to decrease risk in cases where MOAS conflicts may cause significant Internet routing disruption. Examples of such disruption include the AS8584 case in April 1998, and the instabilities generated by C&W peering changes in June of this year. Speakers |
Full AbstractWhile it is well-known that BGP is vulnerable to simple, accidental misconfigurations that can cause widespread loss of connectivity, most of the evidence is anecdotal. Routing configuration errors have received less attention than more popular threats to connectivity, such as denial-of-service, and CAIDA's BGP analyses and Merit's IPMA project provide some of the only data available. Speakers |
Full AbstractWe analyze the BGP messages collected by the RIPE-NCC Routing Information Service. The data has been collected for about two years. It is much richer than the daily snapshots often used in analysis and helps us address more detailed questions than simply table size growth. For example, we can show the effectiveness of CIDR aggregation, or account for multi-homing and inter-domain traffic engineering more accurately. Speakers |
RecordingsFull AbstractService providers have expressed a need for a simple, standard method of building tools for network management and provisioning. The Extensible Markup Language (XML) provides a straighforward means by which these needs can be met. Using standard tools, XML can be easily parsed, stored, retrieved, debugged, and documented. XML's ASCII encoding lends itself well to scripting and provisioning (it's easy to write, and easy to debug), and its ability to provide forward and backward compatibility makes it a robust choice for building network management tools. Speakers |
Tuesday, October 23, 2001
Topic/Presenter |
---|
Full AbstractThe security of a network infrastructure, particularly an extensive one, relies on the proper management of the network address space, routes, and external connections. If network managers don't know what they have, how it's connected, and what else it's connected to, they can't know if it is secure. The Internet Mapping Project, started by Bill Cheswick at Bell Labs, has been collecting intriguing topological information about the Internet since August of 1998. In the last year, this technology has been applied to large corporate intranets and ISPs with equally illuminating results. Speakers |
RecordingsFull AbstractSpeakers |
RecordingsFull AbstractSpeakers |
Full AbstractThe use of the whois protocol to provide a look-up service for Internet infrastructure information is showing its age. Operators are experiencing increased demands for information through the whois service. From the needs of privacy, law enforcement, intellectual property rights, and referrals, new demands are being asked of this service. VeriSign is in the process of gathering requirements from the various whois user communities. Mark will present the process through which VeriSign is gathering these requirements, and the generalities of what is currently known about them. Speakers |
Full AbstractSpeakers |
Full AbstractSpeakers |
Full AbstractSpeakers |
|
RecordingsFull AbstractThis discussion will include a ten-minute overview of the ARIN policy evaluation process that identifies the current issues being evaluated. The remaining time will be left open for meeting attendees to ask questions and provide feedback on any issue related to ARIN procedures or policies. Speakers |
Full AbstractWe will present our analysis of the surprisingly strong impact of recent Microsoft worms (such as Code Red II and Nimda) on the stability of the global routing system. Analysis of the on-line BGP message archives from the RIPE-NCC Routing Information Service, and of the worm scanning and infection spread datasets shows strong correlations between worm propagation periods and very long-lasting BGP "update storms." Speakers |