From ocl at gih.com Thu Jul 8 22:53:10 2010 From: ocl at gih.com (Olivier MJ Crepin-Leblond) Date: Thu, 08 Jul 2010 23:53:10 +0200 Subject: [IPv6crawler-wg] Fwd: [afripv6-discuss] Qwest Addresses Explosive Internet Growth with Dedicated IPv6 Internet Address Message-ID: <4C3648C6.8070109@gih.com> As expected, some of the big boys are starting to be interested in IPv6. Kind regards, Olivier -------- Message original -------- Sujet: [afripv6-discuss] Qwest Addresses Explosive Internet Growth with Dedicated IPv6 Internet Address Date : Thu, 8 Jul 2010 19:43:37 +0200 De : Latif LADID ("The New Internet based on IPv6") R?pondre ? : IPv6 in Africa Pour : 'IPv6 in Africa' PRESS RELEASE *July 8, 2010, 10:36 a.m. EDT ? *Recommend *?** *Post: http://i.marketwatch.com/MW5/content/Story/Images/icon-facebook.gif http://i.marketwatch.com/MW5/content/Story/Images/icon-twitter.gif ** Qwest Addresses Explosive Internet Growth with Dedicated IPv6 Internet Address Government and Business Customers Now Benefit from Enhanced End-to-End Security http://i.marketwatch.com/MW5/content/story/images/PR-Logo-Businesswire.gif DENVER, Jul 08, 2010 (BUSINESS WIRE) -- To stay ahead of the Internet's explosive growth, Qwest Communications (Q *5.36*, +0.01, +0.09%) today announced it is offering public and private Internet Protocol Version 6 (IPv6) addresses to its government and business customers. Now Qwest iQ(R) Networking service customers can take advantage of IPv6's built-in security measures and options, as well as a near-endless supply of IP addresses. This morning, Qwest chairman and chief executive officer Ed Mueller announced the new IPv6 functionality during a keynote address at the Cybersecurity Symposium 2010 conference hosted by the Armed Forces Communications and Electronics Association (AFCEA) in Washington, D.C.. Mueller also is the current chairman of the National Security Telecommunications Advisory Committee (NSTAC). KEY FACTS -- Qwest offers transition paths so customers can use the next generation of addressing protocol to run both IPv4 and/or IPv6 addresses via either: -- Dual Stack approach which offers the ability to run both IPv4 and IPv6 so customers may transition over time and with ease; or -- Native IPv6 which allows Qwest customers to adapt to the next-generation IP protocol as they build new locations and bring on new sites and devices. -- IPv4 has a limit of approximately 4 billion serviceable IP addresses that will exhaust in 2011 as the current pool of available IPv4 addresses dwindles to approximately 600 million, according to the Internet Assigned Numbers Authority. However, IPv6 is nearly inexhaustible (128 bits -- 2 to the 128th power). -- With native IPv6, Qwest business and government customers no longer need to use Network Address Translation (NAT), making configuration of complex networks simpler while providing simpler connectivity between peer-to-peer networks for highly secure end-to-end connectivity. -- Through the Qwest Control dashboard, iQ(R) Networking service customers can view their new IPv6 addresses, take advantage of trouble ticketing and repair functions and create reports. Qwest iQ(R) Networking service is a reliable and dedicated Internet access service over the advanced Qwest 10 Gig backbone, one of the most sophisticated networks available. -- To participate in the federal government's Networx program, the largest communications services contract in the world, Qwest was certified to offer both IPv4 and IPv6 capability and public and private network native IPv6 connectivity. In June, Qwest announced compliance with the requirements for offering Most Trusted Internet Protocol Services (MTIPS) to federal agencies under the Networx contracts. Qwest provides its MTIPS Internet security solution in a cloud-based environment to secure federal government agencies' external access points to the Internet. SUPPORTING QUOTE Pieter Poll, Qwest chief technology officer "Qwest has long supported the federal government's focus on cyber security. We have worked actively with government and industry on issues associated with protecting networks and the information that flows through them. By offering the next-generation security that is baked into dedicated IPv6 addressing, Qwest is doing its part to provide government and business customers with the most advanced Internet security that is available." SUPPORTING RESOURCES -- News Release: Qwest MTIPS Approved for Meeting OMB Directive to Secure Internet Access; Federal Agencies Must Select Vendor, Place MTIPS Orders by Aug. 31, 2010 About Qwest Business Qwest Business is a choice of 95 percent of Fortune 500 companies, offering a comprehensive portfolio of data and voice networking communications solutions to enterprises, government agencies and educational institutions of all sizes. The Qwest network backbone covers the entire continental United States and has one of the largest fiber footprints in the U.S., capable of supporting 40 Gbps data transmission rates now and 100 Gbps soon. Go to Qwest.com/business to see why enterprises coast-to-coast rely on Qwest for first-class communications solutions and to learn more about Qwest's commitment to perfecting the customer experience. The marks that comprise the Qwest logo are registered trademarks of Qwest Communications International Inc. in the U.S. and certain other countries. SOURCE: Qwest Communications -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/gif Size: 98 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/gif Size: 1025 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/gif Size: 6167 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/png Size: 174 bytes Desc: not available URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: Portion de message jointe URL: From ocl at gih.com Mon Jul 19 17:12:18 2010 From: ocl at gih.com (Olivier MJ Crepin-Leblond) Date: Mon, 19 Jul 2010 18:12:18 +0200 Subject: [IPv6crawler-wg] Logos etc. Message-ID: <4C447962.9090507@gih.com> I have started writing a report for ISOC. Would you all be so kind to email me your organisation's logo, for me to include in the report? Thanks, Olivier -- Olivier MJ Cr?pin-Leblond, PhD http://www.gih.com/ocl.html From ocl at gih.com Sat Jul 31 19:18:54 2010 From: ocl at gih.com (Olivier MJ Crepin-Leblond) Date: Sat, 31 Jul 2010 19:18:54 +0100 Subject: [IPv6crawler-wg] Response to NETGEAR port scanning security alert Message-ID: <4C54690E.9050208@gih.com> Dear Mr. Burn I am the project manager for the ISOC-sponsored IPv6 Matrix project currently operating from the UK. I was alerted by 2020 Media Support, our upstream providers, that our crawler project has triggered a port scan alert with your routers and apologise for the disturbance. It appears that some firewall hardware report unusual traffic activity, mis-categorizing it as a port scan attack. This project, sponsored in part by the Internet Society ( http://www.isoc.org ) and run by the English Chapter of ISOC, aims to test the most popular Internet domains in the world for IPv6 connectivity. You are no doubt aware that the Internet is running out of IPv4 addresses and that a transition towards IPv6 is the preferred option to maintain its viability and global scaling. Our aim is to track the spread of IPv6 worldwide, in order to provide more reliable statistics on IPv6 implementation and enable decision takers to migrate to the new addressing scheme in time before IPv4 addressing runs out. See figure 36 on: http://www.potaroo.net/tools/ipv4/index.html This project is a public service to the Internet, and its results can be found on: http://www.ipv6matrix.org/ A short project description can be found on: http://www.isoc.org/isoc/chapters/projects/awards.php?phase=10 At present, we are still at beta testing stage, and are trying to work out any quirks in the back-end crawling code, so your feedback is very important to us. The .UK domain name space was tested on Thursday, with .NET space tested on Friday with .COM currently being tested this week-end. In order to have reliable results, we do not wish our IP addresses to end up on blacklists, and are therefore very attentive to feedback from domain admins such as you. If you have any more detailed log of the "port scan" event, I would really appreciate them so as for us to amend our crawling engine accordingly. Traceroute and Tracepath, as well as Ping, sometimes trigger firewalls, especially on specific ports. The only ports which we test connectivity to are: - Port 25 (SMTP), - Port 53 (DNS), - Port 80 (HTTP), - Port 443 (HTTPS) - Port 123 (NTP) All we do is to check if there is response on the port's IPv4 and IPv6 address (if any IPv6 connectivity is found). This generates a minute amount of traffic. At the moment, the scan collects data as follows for each Top Level Domain: - MX : [type,domain,host, ipv4, ipv6, rank] - NS : [type,domain,host, ipv4, ipv6, rank] - WWW : [type,domain,host, ipv4, ipv6] - NTP : [type,domain,host, ipv4, ipv6] - Soa : [type,domain,soa,primary_by_rank,primary_inhouse,secondary,total,contact, serial, refresh, retry, expire, minimum] - Geoip : [type,domain,host,ipv4,ipv6,asn,city,region_name, country_code, longitude,latitude] - Reverse : [type,domain,host, ipv4, ipv6, name4, name6 ] - Ping : [type,domain,host, ipv4, ipv6,count,min,avg,max,std,min6,avg6,max6,std6] - Tcp25 : [type,domain,host,port,ipv4, ipv6,tcp,tcp6] - Tcp80 : [type,domain,host,port,ipv4, ipv6,tcp,tcp6] - Tcp443 : [type,domain,host,port,ipv4, ipv6,tcp,tcp6] - Tls : [type,domain,host,ipv4, reachable,tls] - Path : [type,domain,host, ipv4, ipv6, mtu4, hops4, back4, path4, mtu6, hops6, back6, path6] - IPv6 Type : [type,domain,host,ipv6,valid,prefixid,ipv6type] - IPv6 domain : [domain,ns,mx,www,ntp] The scans will take place on a monthly basis, and you therefore might be receiving recurring security alerts in the future, unless you can parameter your firewall to ignore alerts from our crawler which runs on from 212.124.204.162. Alternatively, I would be happy to take your domain name out of the crawler's site testing list. If so, please email me the list of domain names which you are in charge of and I'll make sure they are removed from the testing list. I hope that this email has answered your concerns but if you have any further queries, I am happy to discuss them with you on: 07956 84 1113 Warmest regards, Olivier -- Olivier MJ Cr?pin-Leblond, PhD http://www.gih.com/ocl.html -- Olivier MJ Cr?pin-Leblond, PhD http://www.gih.com/ocl.html From ocl at gih.com Sat Jul 31 19:24:23 2010 From: ocl at gih.com (Olivier MJ Crepin-Leblond) Date: Sat, 31 Jul 2010 19:24:23 +0100 Subject: [IPv6crawler-wg] Response to port scanning security alert Message-ID: <4C546A57.5020605@gih.com> Dear Mr. Johnston, further to our phone conversation this afternoon, and as promised, please find further information in this email about the IPv6 Matrix project: I am the project manager for the ISOC-sponsored IPv6 Matrix project currently operating from the UK. I was alerted by 2020 Media Support, our upstream providers, that our crawler project has triggered a port scan alert with your routers and apologise for the disturbance. It appears that some firewall hardware report unusual traffic activity, mis-categorizing it as a port scan attack. This project, sponsored in part by the Internet Society ( http://www.isoc.org ) and run by the English Chapter of ISOC, aims to test the most popular Internet domains in the world for IPv6 connectivity. You are no doubt aware that the Internet is running out of IPv4 addresses and that a transition towards IPv6 is the preferred option to maintain its viability and global scaling. Our aim is to track the spread of IPv6 worldwide, in order to provide more reliable statistics on IPv6 implementation and enable decision takers to migrate to the new addressing scheme in time before IPv4 addressing runs out. See figure 36 on: http://www.potaroo.net/tools/ipv4/index.html This project is a public service to the Internet, and its results can be found on: http://www.ipv6matrix.org/ A short project description can be found on: http://www.isoc.org/isoc/chapters/projects/awards.php?phase=10 At present, we are still at beta testing stage, and are trying to work out any quirks in the back-end crawling code, so your feedback is very important to us. The .UK domain name space was tested on Thursday, with .NET space tested on Friday with .COM currently being tested this week-end. In order to have reliable results, we do not wish our IP addresses to end up on blacklists, and are therefore very attentive to feedback from domain admins such as you. If you have any more detailed log of the "port scan" event, I would really appreciate them so as for us to amend our crawling engine accordingly. Traceroute and Tracepath, as well as Ping, sometimes trigger firewalls, especially on specific ports. The only ports which we test connectivity to are: - Port 25 (SMTP), - Port 53 (DNS), - Port 80 (HTTP), - Port 443 (HTTPS) - Port 123 (NTP) All we do is to check if there is response on the port's IPv4 and IPv6 address (if any IPv6 connectivity is found). This generates a minute amount of traffic. At the moment, the test collects data as follows for each Top Level Domain: - MX : [type,domain,host, ipv4, ipv6, rank] - NS : [type,domain,host, ipv4, ipv6, rank] - WWW : [type,domain,host, ipv4, ipv6] - NTP : [type,domain,host, ipv4, ipv6] - Soa : [type,domain,soa,primary_by_rank,primary_inhouse,secondary,total,contact, serial, refresh, retry, expire, minimum] - Geoip : [type,domain,host,ipv4,ipv6,asn,city,region_name, country_code, longitude,latitude] - Reverse : [type,domain,host, ipv4, ipv6, name4, name6 ] - Ping : [type,domain,host, ipv4, ipv6,count,min,avg,max,std,min6,avg6,max6,std6] - Tcp25 : [type,domain,host,port,ipv4, ipv6,tcp,tcp6] - Tcp80 : [type,domain,host,port,ipv4, ipv6,tcp,tcp6] - Tcp443 : [type,domain,host,port,ipv4, ipv6,tcp,tcp6] - Tls : [type,domain,host,ipv4, reachable,tls] - Path : [type,domain,host, ipv4, ipv6, mtu4, hops4, back4, path4, mtu6, hops6, back6, path6] - IPv6 Type : [type,domain,host,ipv6,valid,prefixid,ipv6type] - IPv6 domain : [domain,ns,mx,www,ntp] The tests will take place on a monthly basis, and you therefore might be receiving recurring security alerts in the future, unless you can parameter your firewall to ignore alerts from our crawler which runs on from 212.124.204.162. Alternatively, I would be happy to take your domain name out of the crawler's site testing list. If so, please email me the list of domain names which you are in charge of and I'll make sure they are removed from the testing list. I hope that this email has answered your concerns but if you have any further queries, I am happy to discuss them with you on: 07956 84 1113 Warmest regards, Olivier -- Olivier MJ Cr?pin-Leblond, PhD http://www.gih.com/ocl.html