Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
The Internet Math

Full Net Census Takes a Hint From xkcd 145

Posted by kdawson
from the you-say-hilbert-i-say-dilbert dept.
netbuzz writes "The University of Southern California Information Sciences Institute says it's the first full census of the 'visible Internet' since David Smallberg canvassed a piddling 315 allocated addresses in 1982. They're talking about 3 billion pings directed toward 2.8 million addresses over the course of 62 days. Oh, and they credit the comic strip xkcd for sparking the idea of presenting the data using a Hilbert curve." The main page for the census project has links to versions of the census at various scales.
This discussion has been archived. No new comments can be posted.

Full Net Census Takes a Hint From xkcd

Comments Filter:
  • by Anonymous Coward on Tuesday October 09, 2007 @01:03PM (#20914703)
    here I am. continue counting...
    • Re: (Score:2, Funny)

      by ubrgeek (679399)
      For some reason I'm reminded of the M*A*S*H episode, "Five O'clock Charlie" -

      Radar: Are you One?

      Hawkeye immediately throws his hand on his hip and with a touch of foppishness replies:

      Hawkeye: Yes, are you?
  • by Anonymous Coward on Tuesday October 09, 2007 @01:07PM (#20914757)
    xkcd on the front page...
  • by farker haiku (883529) on Tuesday October 09, 2007 @01:08PM (#20914771) Journal
    Anyone got a colorblind friendly version of the map?
    FTA:
    Responses: positive: green, negative: red, mix: yellow.

    seriously guys, wtf.

    • by EveryNickIsTaken (1054794) on Tuesday October 09, 2007 @01:12PM (#20914841)
      I'm still waiting for the braile version.

      Seriously guys, wtf.

      • by Matthew Bafford (43849) on Tuesday October 09, 2007 @01:58PM (#20915599) Homepage

        I'm still waiting for the braile version.

        Seriously guys, wtf.


        The main difference being, of course, that designing visual medium so that it supports both color-blind and normal visioned people equally well is extremely easy. Designing visual media that supports blind people is extremely difficult. There's no excuse, other than ignorance (which is the real reason in most cases), for not supporting color-blind people.
        • Yes, but at the same time, isn't it just as easy for a differently color-sighted person to have a web browser capable of doing color transformations that make it legible for them?
          • Yes, but at the same time, isn't it just as easy for a differently color-sighted person to have a web browser capable of doing color transformations that make it legible for them?

            For text, sure. Usually all it takes is selecting the offending text. I'm not aware of any product that will "fix" images, though.
            • by UbuntuDupe (970646) on Tuesday October 09, 2007 @02:49PM (#20916347) Journal
              Right, but the transformation itself should be pretty simple, right? Just a rotation/inversion/dilation of the color wheel.

              And since Firefox has a really easy process for writing plugins...
              • Right, but the transformation itself should be pretty simple, right? Just a rotation/inversion/dilation of the color wheel. And since Firefox has a really easy process for writing plugins...

                That's a good question. I can't think of a case where it's been enough of an issue on the web that I've felt a need for such a plug-in. For the most part, things tend to be slightly more confusing than they have to be, but they aren't unusable. The real kicker for me is buying clothes and multi-colored LEDs. I also

        • by fractoid (1076465)

          There's no excuse, other than ignorance (which is the real reason in most cases), for not supporting color-blind people.
          How about... not caring? Anyone who reads Slashdot should be able to open up the resulting image in GIMP and remap the colours to make them easily differentiable, whatever your visual peculiarities.
    • God, STFU (Score:5, Insightful)

      by Anonymous Coward on Tuesday October 09, 2007 @01:39PM (#20915257)
      I'm colorblind and I can see the difference in shades just fine.

      Maybe you should ask the people you're acting like you care about whether they actually need you to whine for them.
      • Re: (Score:3, Informative)

        by adamziegler (1082701)
        Even though you too are red green colorblind... it does not mean that you are seeing it the same way as the parent. http://en.wikipedia.org/wiki/Color_blindness#Congenital_color_vision_deficiencies [wikipedia.org] Besides... its fairly simple to design a website or chart that makes things easy for even those who are color blind. I too am color blind... Honestly, I can't tell if the negatives and positives are mixed together when I look at it. (Not that I am fluent in reading the chart anyway!)
      • Re: (Score:3, Insightful)

        by pcgabe (712924)
        I'm red-green colorblind, and I absolutely, positively, cannot tell the difference between these two colors on this map. I can see the shades, sure. I just can't see what they are shades OF.

        Maybe you should ask yourself whether you're acting like a jerk for attention.

        [It's great that YOU can read this map just fine, but that doesn't help ME. In fact, coming here and saying that there's no problem for anyone is actually detrimental. Perhaps you can keep your mild color-blindness to yourself in the future
      • You need to be more sensitive. I think maybe he has a slight case of word-dyslexia, and was, in fact, whining on behalf of the blind coloured people.
      • by mcvos (645701)

        I'm colorblind and I can see the difference in shades just fine. Maybe you should ask the people you're acting like you care about whether they actually need you to whine for them.

        This apparently comes as a surprise to you, but you are not the only colorblind person in the world. There are a lot of colorblind people out there, and many of them don't see color the same way you do.

    • The green-red-yellow is probably based on traffic lights in the US (and many other countries), which commonly use those colors. While it's not a decision targeted towards accessibility, it's one that should allow most users to partially understand the map easily.
    • Re: (Score:3, Funny)

      by Guysmiley777 (880063)
      The ANT Lab doesn't care about color(blind) people.
    • by renoX (11677)
      Have you tried to read the map?

      I'm colorblind too and ofter pester against the HW makers which use green/red LED that I can't distinguish, but I can read this map alright.
    • by pv2b (231846)
      I stumbled upon a cool web page that will Daltonize images [vischeck.com]. Apparently, this is a way to run images through a filter, changing colours around to make them easier to distinguish for colour blind people.

      I'm not colour blind myself, so I don't know how well it'd work on that particular image, but I hope it helps.
    • by Mozk (844858)
      You really got me worrying about what happened to the "you insensitive clod!" meme... Anybody?
  • by saibot834 (1061528) on Tuesday October 09, 2007 @01:09PM (#20914781) Homepage
    Randall Munroe [wikipedia.org] (xkcd author) also made this [xkcd.com] comic entitled "Online Communities". Also a nice way to make a map of the internet. (Extra points for those, who find "Stallman's Airship")
    • Re: (Score:3, Informative)

      by Kandenshi (832555)
      For the lazy it's just to the "southwest" of the IRC isles, southeast of wikipedia. Easier to see in the blown up version of the strip here [xkcd.com]
    • Randall Munroe (xkcd author) also made this comic entitled "Online Communities". Also a nice way to make a map of the internet. (Extra points for those, who find "Stallman's Airship")
      It's a bit out of date, facebook expanded a lot. Myspace shrank and wheres slashdot.
    • by rk (6314)

      'Extra points for those, who find "Stallman's Airship"'

      It's far to the east and a little south of Cory Doctorow's balloon.

    • Discovering the location of Qwghlm on this map made my entire day. Thanks!
    • Re: (Score:2, Insightful)

      by maxume (22995)
      I figure anybody who manages not to mistake the Isle of Slash for Slashdot deserves the extra points; Stallman's Airship is easy.
    • ...And Cory Doctorow's balloon, obviously.

      I love this map, but even at full-size there's a lot of detail that you can't make out, which frustrates the hell out of me. I was also annoyed by the fact that the little peninsular west of the Bay Of Trolls isn't allocated to b3ta [b3ta.com]... Still, a staggering and witty undertaking, worthy of much praise.

      I actually asked Randall if I could have the image at a higher resolution so I could project it onto my wall and trace it out, with all the little names that you can't

  • by N1ck0 (803359) on Tuesday October 09, 2007 @01:11PM (#20914815)
    Don't you just hate it when the internet wraps onto the ceiling [isi.edu]. All those packets are horrible on the acoustic tiles.

    And once it gets up there you know its going to be hard to get it back down.

  • over under? (Score:2, Funny)

    by SIIHP (1128921)
    So what's the over under on the percentage of porn sites?

    85%?
  • by JeanBaptiste (537955) on Tuesday October 09, 2007 @01:15PM (#20914869)
    People are doing this same thing constantly. [google.com]

    Not that its not cool, but acting like it hasn't been done since 1982 is grossly incorrect.
  • Hmm. That means there's still lots of IPs available (if bright blue = unused), right?
  • by CaptainPatent (1087643) on Tuesday October 09, 2007 @01:17PM (#20914903) Journal
    I'd be willing to be a guinea pig for their next project [xkcd.com]
  • by digitaldc (879047) * on Tuesday October 09, 2007 @01:23PM (#20915005)
    39% are pr0n
  • by ackthpt (218170) * on Tuesday October 09, 2007 @01:29PM (#20915101) Homepage Journal

    They're talking about 3 billion pings directed toward 2.8 million addresses over the course of 62 days.

    I assume 90% are spambots, 5% are people trying to get Frist Psot and the remainder are legit.

    • ... 5% downloading porn, 10% stealing copyright material. the remainder are legit.

      sure, that might be 110%, but that just shows you how efficient the Internet is.
  • nmap (Score:3, Informative)

    by blhack (921171) * on Tuesday October 09, 2007 @01:35PM (#20915201)
    PSH..

    nmap -sP *.*.*.* > ips.txt
  • I knew the Hilbert curve could fill the space by replacing each segment with a copy of itself (a basic concept in fractal theory, self similarity). But I didn't know that the curve had this interesting property: Similar addresses had nearby locations in two-dimensional space. The XKCD guy is a genius.

    Anyway, here's more info on the Hilbert Curve [wikipedia.org]. Enjoy.
  • by Anonymous Coward on Tuesday October 09, 2007 @01:52PM (#20915515)
    XKCD's writer shows his love for /. . http://xkcd.com/301/ [xkcd.com]
  • Where do I apply to get paid doing this stuff ?
  • rolling blackout (Score:5, Interesting)

    by ziegast (168305) * on Tuesday October 09, 2007 @02:11PM (#20915781) Homepage
    Back in the mid-90's a research student in a south-east Asian country decided to do a similar experiment. They started pinging 0.0.0.0, 0.0.0.1, ...etc... When they got to 1.0.0.0 they took down BBN's network and upstream ISPs because the routers would negative-cache host routes of failed pings, thereby flushing out all the other working routes. My ISP got hosed when they got to 3.0.0.0 (Merit) since they were our customer. The attack moved up through 4.0.0.0 , then, back to 4.0.0.0 BBN, and up through other networks. On that day, the Internet suffered a rolling blackout because everyone was using Cisco routers affected by the same problem. When the source was identified and blocked, the problem stopped.

    It's better to measure who is _using_ the Internet at central resources (root DNS servers, google, time.windows.com) rather than who can respond to a ping. Back when I was young, people didn't use NAT or firewalls and everything responded to a ping. Today, millions (billions?) of people don't really have public address space, and are separated from the IPv4 Internet by one or more levels of NAT or proxy servers. Clusters of web servers are mostly virtualized behind a single address served by load balancers and/or firewalls. A "ping" census is worth less today compared to prior to the rise of NAT firewalls in the late 90's. It's still interesting, but not at all accurate.

    Aside: When ISPs and corporations are forced to pay equitably for the addresses (and routes!) they use, the IPv4 "crisis" will solve itself.

    • You won't find any of my servers/boundaries responding to a ping on any address at any port for any reason. Send a TCP packet, and all of them will look at it, stroke their chins for a few microseconds, and decide whether to forward them or simply move on.

      A ping test is perhaps one of the silliest, as you cite by a more accurate observation of key SOA servers over a period of time.

      That said, I like Novell.com's bravery, as they always respond to a ping. It's how I know that my DNS infrastructure is working.
      • by caluml (551744)

        That said, I like Novell.com's bravery, as they always respond to a ping.
        Bravery? What? google.com, news.bbc.co.uk, yahoo.com all reply. What's brave about allowing an icmp-echo-request in, and replying with an echo-response?
        • Bravery because if you respond, it ties up a tiny slice of resources. Get some bozos that would do a reflected attack, and see what happens to *your* resources.

          Pings are a little like sparrow farts, inconsequential, until you get a bunch of servers responding to forged packets. Don't respond by policy, and far fewer CPU strokes are used to service the onslaught. Respond to them all, and suddenly the room smells of sparrow farts.
          • by caluml (551744)
            As I understand it, the problem occurs when it "costs" less to send the attack than the attack produces. I.e. send a broadcast to a subnet with a forged source address, and bam, all the computers on the subnet respond to the victim's address. A standard ping is pretty much 1:1. If you are able to bombard the server with pings, then you can bombard whoever you want with pings.
            • A ping attack, although it uses icmp messages instead of rude things like syns, is a both a resource attack (potential denial of service) as well (and more importantly), a services probe. Find the service, then open it for a crack and subsequent use.

              Bombardmemt is one problem, but finding a juicy exploit is another. Not responding to an external probe is paramount. Perimeter security is an illusion, each device needs 'atomic' or 'instance' protection, and ping responses increase an attack surface dramatical
              • by caluml (551744)
                The chance of you responding gets less as the post gets older, but....
                A SYN flood works because the OS of the "attacked" has to allocate memory for each SYN connection. Thus, sending 10000 SYN requests over 5 minutes chews up memory. When an OS receives a 56 byte ICMP request, it sends back the reply, and doesn't have to utilise any memory "remembering" it.
                • Right.

                  It's still a resource utlization. Get multiple instances or a reflection, and you can hammer a machine-- with ICMP rather than a UDP or TCP relationship. Before you know it, you've also had all of the exposed services discovered, and noted.

                  So it's still good to turn ICMP messaging or just pings off. With a GBE interface, you can send from one bot machine, hundreds of thousands of packets per second-- not just 10000 SYNs. If a bot is on the inside perimeter of an org's net, 10000 is laughingly trivial-
      • by Medievalist (16032) on Tuesday October 09, 2007 @04:03PM (#20917439)

        You won't find any of my servers/boundaries responding to a ping on any address at any port for any reason. Send a TCP packet, and all of them will look at it, stroke their chins for a few microseconds, and decide whether to forward them or simply move on.
        Are you sure that's all they are stroking? Just kidding. It seems a bit unnecessary to shut down your site's ability to help others test connectivity to you. You really aren't doing anything but crippling harmless diagnostics; it's very easy to make your network safe to ping.

        A ping test is perhaps one of the silliest, as you cite by a more accurate observation of key SOA servers over a period of time.
        But, you see, there's no single trustworthy authority that has root access to all the nameservers. Think about how DNS works, and how the hints file interacts with local and intermediate caches, and you will see that your idea is not really any more workable than a ping test. It's too impossible to co-ordinate. I cache at three levels for good solid reasons not having anything to do with "fear of a bad ping". On the other hand I assume pings are friendly and only monitor them for performance and bandwidth reasons, and I have not yet been hacked despite many years of pen tests by outside agencies we've hired.

        That said, I like Novell.com's bravery, as they always respond to a ping. It's how I know that my DNS infrastructure is working. It's a randomly successful find (I have no affiliation with them), rather it always works, when it works.
        Aha! You admit that your fears are impacting your ability to serve the community - in a way that you admit is valuable! This admission is the first step to great power! OK, just kidding again.

        Configure your firewalls to respond to all inward-bound pings for your entire address space. This will not consume any significant resources, and will not inform any skeery crackers of anything (in fact it's a better way to fool them than blocking ping, since they will not need to resort to stealthier scans that require more resources to detect or block). Log who pings you to the router console and leave a dumb terminal running on it, or pump it into a secure internal web page. Treat ping flooding like any other kind of packet flooding - you can't really make it impossible to DDOS you simply by blocking specific ICMP types anyway. Don't forget to implement packet source ingress and egress filtering, obviously.

        Google, yahoo, and Novell all respond to ping. It's a service they kindly provide to the rest of us, a service we should all provide to make the Internet's tubes easier to see through. You aren't going to get hurt by a ping unless you have no idea how to set up a network... in which case dropping ping packets won't save you.

        Don't make researchers have to develop new ways to punch through firewalls, let's all just use good ol' friendly, simple, and useful pings.
      • by darkwhite (139802)
        Can you please list your subnets? I'd like to blackhole them altogether so I don't have to deal with retarded admins who like to make my life more difficult than it already is.

        Ping is an essential diagnostic tool. You're going out of your way to disable it for no good reason. Don't be surprised when network admins get annoyed at you, to put it very mildly.
        • Uh, sure.

          Try uh, http://www.sco.com./ [www.sco.com]

          Yeah, that's the one.

          Disable ping. Fool. Any reasonable network admin that doesn't disable ping needs their motives examined:

          Anytime you can get a ping, there's a service somewhere in there that can be probed and opened with one kind of crowbar or another. Go on, expose yourself. Keep that attack surface high and wide.

          Yeah, go ahead, and when that diploma from Pumpkin U falls off the wall when your net gets owned, don't blame me.
    • Aside: When ISPs and corporations are forced to pay equitably for the addresses (and routes!) they use, the IPv4 "crisis" will solve itself.

      I used to work for a Fortune 500 company with 30 K employees that had 3 and now has 6 class B IP address ranges so that each computer could have a unique IP address. At the same time, they configured all routers to block all inbound traffic to all but a few of those addresses corresponding to servers for mail, HTML, and FTP!

      A small fee of even 1 $/month would make tha

  • Guys, have a look along the bottom edge and stick a flag in 86.0.202.223 for me ;-)
  • With all the hosts behind firewalls and NATs, id be interested in the number, and the methodology of estimation.
  • by meridian (16189) on Tuesday October 09, 2007 @04:46PM (#20918007) Homepage
    These guys port scanned 36 million hosts connected to the Internet and published some of their findings. It makes for a very interesting read especially the bit about when their Japanese team gets hacked into during the scan after apparently annoying someone in China a little bit after scanning their subnet blocks. http://reactor-core.org/internet-audit.html [reactor-core.org]
    • That was an absolutely fantastic read. The conclusions of those tests are pretty insightful; he accurately predicted the dominance of botnets and DDoSing -- both of which were not popular at all when he wrote the article (1998). He also proposes a distributed network that scans for vulnerabilities on the Internet, which I found pretty interesting (and quite honestly, probably a much better use of resources than something like SETI@home).

      Furthermore, he points out something that has not yet come to pass
  • by tjwhaynes (114792) on Tuesday October 09, 2007 @05:26PM (#20918525)
    The Total Perspective Vortex is the most horrible torture device to which a sentient being can be subjected. It shows its victim the entire unimaginable infinity of the universe with a very tiny marker that says "You Are Here" which points to a microscopic dot on a microscopic dot.
  • For a historical comparison, just to show how far we have come, I have printed below an equivalent map that was generated based on 1957 data:

  • Our version is here: http://thewholeinternet.wordtothewise.com/ [wordtothewise.com]

    It's just a technology demo right now and is on a server that likely won't survive a slashdotting, but it's a fun toy as-is. The next step is to add bookmarking and search-by-IP, search-by-ASN and some additional data sources to overlay.

EARTH smog | bricks AIR -- mud -- FIRE soda water | tequila WATER

Working...