Articles
Likes on articles
Babak Farrokhi is a Computer Scientist and Researcher with over 20 years of experience in UNIX Systems and Networking. His expertise includes IP Networking, BGP, DNS, Internet Performance, System Scalability and Network Security. He provides consulting services and develops products and services related to his expertise.
• 3 min read
Following my recent research on DNS hijacking and the cases I have personally observed, I wondered whether this is a common practice among the operators. With the help of RIPE Atlas, I started to think of a solution to figure out whether such practice is widespread in other areas of the world.
• 3 min read
You might not have noticed, but there are chances that your ISP is playing nasty tricks with your DNS traffic.
• 6 min read
There are about 600 DNS root server instances deployed around the world. But does everyone have an equal level of access to a root server in their region? Are they fairly distributed? Do all major (and country level) network operators recognise the value in deploying (or peering with) a root server…
• 8 min read
Following my research on DNS reachability and performance, I found interesting results for specific domain names.
• 8 min read
This is the second part in a series of articles looking at the use of DNS servers in Iran. For the second part I will continue measuring performance and reachability for two more sets of DNS resolvers: TIC and Verisign.
• 4 min read
While most Internet users are not aware of the importance of DNS resolution in their overall web browsing experience, they often complain about shortage of bandwidth when experiencing sluggish Internet connectivity. It is no surprise that most of the service providers also ignore this fact by re…
Showing 6 article(s)
Thanks for the thoughtful piece. It seems like operators and regulators are turning a blind eye to the fact that vendors already have too much unnecessary access to their networks. I started to wonder if this whole Huawei story is FUD spread by other vendors who fail to win price wars with Chinese vendors. The bigger question is: Should any third-party, regardless of their country of origin, should be relied to run (or have access to) critical infrastructure?
This is a very important issue that researchers should keep in mind when running RIPE Atlas measurements. They may want to select their probe origins carefully, keeping in mind that some DNS or HTTP requests would cause trouble for the probe host. While RIPE Atlas already has relevant measures to prevent eventual misuse, but some normal requests may trigger alerts in some networks that is undesired for probe hosts. On the other hand I believe people hosting probes should also be aware of such potential issues, when deploying in networks with strict policies (or have IDS monitoring their traffic) or in regions with restrictive regulations.
Showing 2 comment(s)