Friday, January 28, 2011

Egypt quits net to stifle protest

Internet connections across Egypt appear to have been cut, as authorities gear up for a day of mass protest.

Net analysis firms and web watchers have reported that the vast majority of the country's internet has become unreachable.

The unprecedented crack down will leave millions of Egyptians without internet access.

There have been unprecedented protest in the country over the past few days - much of it co-ordinated via the web.

According to internet monitoring firm Renesys, shortly before 2300 GMT on 27 January virtually all routes to Egyptian networks were simultaneously withdrawn from the internet's global routing table.

That meant that virtually all of Egypt's internet addresses were unreachable.

Egyptian authorities seem to have manged this by shutting down official Domain Name Servers (DNS) in Egypt. These act as address books and are consulted by web browsing software to find out the location of a site a user wants to visit.

Messages circulating in Egypt pointed people towards unofficial DNS servers so they could get back online.

Unprecedented action

That sudden drop off has been confirmed by other web traffic watchers, including Arbor Networks and BGP Mon.

"The government seems to be taking a shotgun approach by ordering ISP's to stop routing all networks," said Andree Toonk, a researcher at BGP Mon.

People and businesses within the country that relied on the four main ISPs have been cut off, Renesys' chief technology officer, James Cowie wrote on the company's blog.

"Link Egypt, Vodafone/Raya, Telecom Egypt, Etisalat Misr, and all their customers and partners are, for the moment, off the air," he wrote.

Severing the majority of a country's internet connections respresents "is unprecedented in internet history", said Rik Ferguson, a security researcher at Trend Micro.

Domino effect

Earlier this week, Egyptians had reported being unable to access social networks such as Twitter and Facebook. At the time the Egyptian government denied it was behind the block, saying it supported free speech.

Many of the protesters were able to get round those restrictions by using smartphone apps - which had not been blocked - to access those sites.

Others used proxy servers - which divert web traffic to its destination via sites that haven't been blocked.

Those initial restrictions now appear to have been a precursor to a much more stringent communication clamp down.

Elsewhere, unconfirmed reports suggest that mobile users have been blocked from receiving text messages.

But protesters continue to circumvent the net blockade. One Twitter user, @EgyptFreedomNow claimed it is still possible for Egyptians to access the internet using dial up connections.

The protests in Egypt followed similar unrest in Tunisia, which saw the collapse of Zine al-Abidine Ben Ali's government.

Amid fears of a domino effect in the Middle East, other regimes are following Egypt's lead in restricting access to some sites.

The Syrian authorities have banned certain programmes that allows access to Facebook's Chat application.

The Egyptian Consulate in London was not answering calls at the time of writing.



Powered By WizardRSS

Net approaches address exhaustion

The last big blocks of the net's dwindling stock of addresses are about to be handed out.

The event that triggers their distribution is widely expected to take place in the next few days.

When that happens each of the five regional agencies that hand out net addresses will get one of the remaining blocks of 16 million addresses.

The addresses in those last five blocks are expected to be completely exhausted by September 2011.

Final five

The trigger event will likely come from the agency that oversees net addresses in the Asia-Pacific region, a body known as Apnic.

When Apnic's store of addresses falls below a key threshold, said Geoff Huston, chief scientist at the agency, it will ask for more from the central repository - the Internet Assigned Numbers Authority (IANA).

"When IANA process this request that will leave it with five /8s in its pool," said Geoff Huston, chief scientist at the Asia Pacific registry.

A "/8" is the biggest block of net addresses that IANA hands out and comprises about 16 million addresses.

"That will trigger the IANA to activate its 'final /8' actions, which entail the IANA handing out a final /8 to each of the five regional internet registries," said Mr Huston.

"Start Quote

If you do not have any plans for IPv6 now you are irresponsible"

End Quote Axel Pawlik

IANA is expected to formally hand over the final five in a ceremony in mid-March that will signal the beginning of the end for this pool of addresses.

The internet was built on version 4 of the Internet Protocol (IPv4) which has an upper limit of about four billion addresses. In the 1970s when IPv4 was drawn up this seemed enough but the explosion in the use of the net has led to its rapid depletion.

Making plans

Axel Pawlik, managing director of RIPE which hands out net addresses in Europe, said he expected the entire stock to run dry in September 2011.

"It might be earlier," he said "as we have had some quite significant growth."

"There have been a lot of big requests for addresses," he said, "specifically in the US and Asia but that's not a surprise as they have all the people there and the growth too."

Mr Pawlik said Ripe and other regional registries have been rationing requests for addresses for some time. Enough addresses to last two years used to be given out, he said, but now it only supplied sufficient to last six months.

The 16 million addresses in the last block /8 assigned to Europe could run out quickly, he said, as people woke up to the fact that there are not many left.

Plus, he said, Ripe and other agencies were planning to reserve a chunk of addresses for new entrants and to help with migration to the new addressing scheme - IP version 6 (IPV6).

While number of requests for IPv6 addresses was rising, said Mr Pawlik, it was not happening fast enough.

"If you do not have any plans for IPv6 now you are irresponsible," said Mr Pawlik, "They should have that in place, if they do not have that by now something is going seriously wrong."

Mr Pawlik said there would not be chaos once the IPv4 addresses were used up. However, he said, it made sense to start switching as the technical work-arounds to cope with a lack of IPv4 addresses were unwieldy and limited.

"IPv6 is the solution," he said.



Powered By WizardRSS