January 18, 2013 archive

Report: Routing Resiliency Measurements – Where We Are And What Needs To Be Done

What are the actual frequency of routing security incidents? And what are the operational and economic impacts of such security incidents?

We all know that “routing security” incidents happen, but it’s hard to get a grasp on exactly what the situation is.  To that end, our colleagues in the Internet Society Standards and Technology team organized a “Routing Resiliency Measurements Workshop” in November 2012 to bring together participants from network operators, research labs, universities and vendors to explore what we can measure now – and what we need to do to start collecting more accurate measurements.  The team has now published a report:

and our colleague Andrei Robachevsky has published some observations about the workshop.  As Andrei notes, the point of the workshop was to address three main questions:

  1. What level of attack has there been in the past – to what extent do security incidents happen, but go unnoticed, or get dealt with inside a single network, possibly introducing collateral damage?
  2. Are the number and impact of service disruptions and malicious activity stable, increasing, or decreasing?
  3. Can we understand why, and track it collectively?

The report goes into some detail on what was discussed in the workshop and some of the approaches that were outlined.  As Andrei relays in his post, the workshop didn’t magically produce answers to all these questions… but it did lay the foundation for where more work needs to occur.

As we open up the new topic area of Routing Resiliency / Security here on Deploy360, we intend to bring you more information from workshops such as these… and ultimately more of the solutions and best operational practices that can lead to a more resilient and secure Internet.


cPanel To Add IPv6 Support in 2013

Good news for the many people out there using cPanel to configure their hosted website… IPv6 support is coming this year. In a post titled “IPv6 Implementation Update” they state:

Much like Y2K, this issue requires a proactive solution rather than a reactive response. That is why cPanel has been working diligently on research and analysis to incorporate IPv6 support into our products. In 2013 we will begin to deliver features that support IPv6.

As some of you may already know, IPv6 is much more than just a change in the addressing scheme. However, given the urgency of supporting IPv6 addressing, we will first focus on allowing you to manage manually assigned IPv6 addresses at least as well as you can currently manage IPv4 addresses in cPanel & WHM. We also look forward to supporting IPv6 addresses on NSD, MyDNS and BIND (for DNS functionality), Apache (for website functionality), cPanel & WHM and its related services, and the various mail services we support. Additional services will be made IPv6-capable as deemed fit. The level of support cPanel will provide for IPv6 will provide functionality needed for serving web content.

Given the large usage of cPanel among web hosting providers it is great to see that this support for IPv6 will be added to the software.  The cPanel article encouraged people to join in the IPv6-related discussion happening in the Feature Requests area of their website.  It’s interesting to read there already the comments of people who have not implemented cPanel (or have chosen different hosting providers who don’t use cPanel) because of its lack of IPv6 support.