You are here: Home > Publications > RIPE Labs

RIPE Labs

Site Administrator — 18 Jul 2013

Persistent DNS Connections for Reliability and Performance

For decades, the Domain Name System (DNS) has relied on UDP as its transport protocol of choice, mostly because of its simplicity. New transports such as DNS-over-TLS and DNS-over-HTTPS are now gaining popularity: they offer increased privacy while preventing the use of the DNS as a DDoS attack vector. What may be less obvious is that they can also provide increased performance compared to UDP.

Persistent DNS Connections for Reliability and Performance - Read More…

Researchers' first Encounter with the IETF Community: Measuring TCP, HTTP/2 and QUIC

As Ph.D. students, our typical encounter with the IETF community and their work is by stumbling over RFCs and Internet-Drafts that either relate to or are a fundamental basis for our research. Beyond that, for us, the Internet Engineering Task Force (IETF) has been a vague entity focused on standardisation. Therefore it was a great experience to attend the IETF 101 meeting in London earlier this year and to present our measurement results for TCP, HTTP/2 and QUIC at the Measurement and Analysis for Protocol Research Group (MAPRG)

Researchers' first Encounter with the IETF Community: Measuring TCP, HTTP/2 and QUIC - Read More…

Let's Connect! Easy to Install and Secure VPN Software that Respects your Privacy

Going online on unknown Internet hotspots - whether at a restaurant, an airport or in a restaurant - isn't actually very safe or secure for users. This is due to the open character of hotspots which makes it easy to impersonate legitimate hotspots and eavesdrop on traffic - or even serve malware. The main aim of the Let's Connect! project is to develop a secure, fast and usable open-source VPN solution that can be used by anybody on all types of devices. Thanks to the RIPE NCC Community Projects Fund this important goal is getting within reach.

Let's Connect! Easy to Install and Secure VPN Software that Respects your Privacy - Read More…

Passive Observations of Large DNS Service

In 2009, Google launched its Public DNS service, with its characteristic IP address 8.8.8.8. Since then, this service has grown to be the largest and most well-known DNS service in existence. Due to the centralisation that is caused by public DNS services, large content delivery networks (CDNs), such as Akamai, are no longer able to rely on the source IP of DNS queries to pinpoint their customers. Therefore, they are also no longer able to provide geobased redirection appropriate for that IP.

Passive Observations of Large DNS Service - Read More…

A Review of Blockchain Applicability to Internet Number Resources

Blockchain technology is receiving a lot of attention these days as a solution in numerous application domains. Triggered by research proposals and discussions in a variety of forums, we got together with a number of RIPE NCC employees to look at blockchain and its applicability to registration of Internet number resources. From our analysis we conclude that there are a number of issues that, at least for now, mean there is no benefit to using blockchain technology in the registry system.

A Review of Blockchain Applicability to Internet Number Resources - Read More…

Sunrise DNS-over-TLS! Sunset DNSSEC?

Is DNSSEC still needed when you get your DNS over TLS? DNSSEC's original design goals could also be met in a future DoT-only world. However, DNSSEC's aspirations have moved on with DANE. Unfortunately DNSSEC and DANE are hardly ever available at end-user devices. DoT brings liable delivery of DNS, which might make DNSSEC and DANE finally happen after all.

Sunrise DNS-over-TLS! Sunset DNSSEC? - Read More…

ARTEMIS: Neutralising BGP Hijacking Within a Minute

BGP prefix hijacking is a persistent threat against Internet organisations, attributed to a lack of authorisation and authentication mechanisms in the inter-domain routing system. ARTEMIS (Automatic and Real-Time dEtection and MItigation System) is a defence system against BGP prefix hijacking, which is based on comprehensive, accurate and fast detection operated by the AS itself, and enables flexible and fast mitigation of hijacking events.

ARTEMIS: Neutralising BGP Hijacking Within a Minute - Read More…

Join the Quantum Internet Hackathon 2018

The eighth RIPE NCC hackathon takes on the Quantum Internet! The hackathon will be held during the weekend before RIPE 77 in Amsterdam, and is co-organised by QuTech and TU Delft, along with the RIPE NCC. We're bringing together network operators, quantum networking researchers, students, hackers, software developers and artists, to imagine and build the tools for the future Internet.

Join the Quantum Internet Hackathon 2018 - Read More…

Document Actions