RIPE Labs

This article describes a newly discovered DNS protocol vulnerability that affects most recursive DNS resolvers. NXNSAttack allows the execution of random subdomain attacks using the DNS delegation mechanism, resulting in a big packet amplification factor.… Read more

To continue collaborative creation, let's challenge ourselves to make the longest hackathon: an on-going on-line open-data analysis of the health of the Internet during the COVID-19 crisis. … Read more

DNS operators have very few intelligent real-time tools that enable them to monitor their anycast services, for instance during a DDoS attack. In this post, we describe the challenges associated with measuring anycast services and propose a tool called the BGP Tuner. By using our open-source tool, operators can see in advance how changes in their BGP policies may impact the traffic load distribution over the anycast sites. … Read more

To help with the selection of suitable candidates for the RIPE Chair and RIPE Vice Chair positions, I share here an adapted overview of the work involved that was previously shared with the RIPE Nominating Committee. The intention is to build understanding in the community and help to inform any discussions about how this role will be carried out as I prepare to take my leave from the position. … Read more

RIPEstat will soon turn 10 years old, which I take as an opportunity to reflect on how RIPEstat came about, explain our new challenges and how we are tackling them. … Read more

This is the fourth in an ongoing series in which we give a brief overview of the most pertinent digital policies currently being proposed, debated and implemented in the European Union.… Read more

The RIPE NCC has been working remotely since mid-March. In this article we take a look at how we are maintaining our operations as we adapt to a world that has changed completely. … Read more

With RPKI experiencing a huge growth in its deployment and becoming a key part in the operations of the Internet, we have been investing a significant amount of resources in making its infrastructure resilient, secure, and highly available. Recent outages have raised concerns about the maturity level of this relatively new technology and we have taken these incidents very seriously. We are now in the process of making long-term, significant improvements to our technical infrastructure, operational procedures, and software development processes to meet the growing expectations of the technical community worldwide. … Read more

In less than two years from now, the number of IPv4 prefixes in the global BGP routing table will hit the one million figure. Should you be worried? Most probably not, but better safe than sorry.… Read more

Please find below an update from the RIPE Nominating Committee. Three of the NomCom members answer some of the questions you might have about the next steps in the selection process.… Read more