Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
The Internet IT

Millions of Internet Addresses Are Lying Idle 500

An anonymous reader writes "The most comprehensive scan of the entire internet for several decades shows that millions of allocated addresses simply aren't being used. Professor John Heidemann from the University of Southern California (USC) used ICMP and TCP to scan the internet. Even though the last IPv4 addresses will be handed out in a couple of years, his survey reveals that many of the addresses allocated to big companies and institutions are lying idle. Heidemann says: 'People are very concerned that the IPv4 address space is very close to being exhausted. Our data suggests that maybe there are better things we should be doing in managing the IPv4 address space.' So, is it time to reclaim those unused addresses before the IPv6 crunch?"
This discussion has been archived. No new comments can be posted.

Millions of Internet Addresses Are Lying Idle

Comments Filter:
  • screw ipv4 (Score:5, Insightful)

    by k3v0 ( 592611 ) on Wednesday October 15, 2008 @12:11PM (#25385409) Journal
    lets just switch to IPv6, it's more functional and future proof
    • by Anonymous Coward on Wednesday October 15, 2008 @12:16PM (#25385495)
      Hello. I am Hunvi Maguay, premier of Swaziland. If you have an unused IP address we will buy it from you for $6,000,000 right now. In order for us to send you the money, please send us your bank account number along with proof of identity. Your Social Security number would be good. Please tell us your mother's maiden name too. Hurry, our offer will not last long.
    • Re: (Score:3, Interesting)

      Right....

      So you've configured all of your network equipment to use IPv6 then.

      Tell me: What is your IPv6 address, what's the address of your router/gateway and what's the size of block you are using?
      • Re:screw ipv4 (Score:5, Interesting)

        by Synn ( 6288 ) on Wednesday October 15, 2008 @12:25PM (#25385685)

        Nobody has configured for IPv6 because there's been no forced set date to switch over so everyone is still just using IPv4 which is working just fine.

        But when the date comes it'll be a long weekend for a lot of admins, but I'm guessing the switch will happen just fine.

        • Re: (Score:2, Informative)

          by Anonymous Coward

          Indeed.

          So why isn't IPv6 widely adopted yet?

          Because

          1> IPv4 still works fine AND
          2> It costs money to implement IPv6 AND
          3> Implementation cost of IPv6 is more likely to drop than to raise over time.

          The implementation cost is most likely to drop, hardware prices have nothing but dropped ever since there was hardware for sale. Another couple of years from now the price of those routers will probably be cut in half again.

          So there's nothing strange going on, it's just business as usual. If someone s

        • Re:screw ipv4 (Score:5, Insightful)

          by vux984 ( 928602 ) on Wednesday October 15, 2008 @12:57PM (#25386295)

          Nobody has configured for IPv6 because there's been no forced set date to switch over so everyone is still just using IPv4 which is working just fine.

          Sure my PCs can all switch without too much trouble; just configuration issues.

          Will an xbox, xbox360, PS3, Wii, PSP or DS do ipv6? Will my ipod touch? What about my cell phone? Does my dlink nat/router do it? What about my dlink voip box? My network printer? My cable/adsl modem?

          Seriously.

          I can't abandon v4 at home (Wii doesn't do ipv6 afaik, nor does my router). Nor can I do it at work... the LaserJet 4050s don't do it unless I upgrade the jetdirect module (which is stupid expensive). I also doubt my cell phone supports ipv6. My parent's have a Wii and a usb-print server that don't d ipv6. My brother in-law has a PS3 and a Wii that doesn't appear to support ipv6. My parents in-law have an xbox and a wifi router that doesn't do ipv6... my cousin has a DS... she's stuck on WEP because it doesn't do WPA... I highly doubt its going to do ipv6.

          • Re:screw ipv4 (Score:5, Insightful)

            by hedwards ( 940851 ) on Wednesday October 15, 2008 @01:09PM (#25386491)

            What you'd do is upgrade the router. That's it.

            Basically new routers would do a 1:1 version of NAT going from IPV6 externally to IPV4 internally. You'd likely still be using the set aside non-connected blocks without problems. As things evolve you'd probably be able to do IPV6 easily internally and ditch that as the network devices support it.

            The difficulty of upgrading to IPV6 has never been on that end it's the other infrastructure and the ISP services which were where the actual work, challenge and money were located.

            I'm sure that there are other ways of doing it, but that's really the simplest and it allows people to transition on the less important end as they care to or not. It wouldn't make a difference for anybody else.

            • Re: (Score:3, Insightful)

              by Cramer ( 69040 )

              Actually, it is far more complicated than current generation IPv4 NAT/PAT. IPv4/IPv6 requires a protocol bridge. I guess you are too young (and I'm really not that old) to remember when IPv4 ("IP") was new. Everybody had networks built with Appletalk, IPX, etc. A company that wanted to "get on the internet" either had to replace equipment and completely restructure their network into a "dual stack" rig -- while you could install a TCP/IP package in windows and Mac System 6, none of the services commonly

          • Re: (Score:3, Interesting)

            by Anpheus ( 908711 )

            All of those things can add IPv6 functionality in firmware, I'd put money on it. Just because the companies are too lazy to do so doesn't mean it's unpossible.

            The FCC should just mandate a switch to IPv6, if the US leads, the rest of the world tends to follow. Ridiculous foreign policy demands aside.

            • Re: (Score:3, Interesting)

              by Cajal ( 154122 )

              The FCC has no authority to dictate IPv6 usage in the US.

            • by gnick ( 1211984 ) on Wednesday October 15, 2008 @02:29PM (#25387803) Homepage

              The FCC should just mandate a switch to IPv6, if the US leads, the rest of the world tends to follow.

              Exactly.

              Listen up world! We've decided that you all should be using miles, feet, inches, Fahrenheit, and gallons. Please upgrade your silly metric system.

          • Re:screw ipv4 (Score:5, Informative)

            by Chris Pimlott ( 16212 ) on Wednesday October 15, 2008 @01:11PM (#25386537)

            If you're like most of us, all your devices at home are living behind NAT. There's no reason they can't keep living in an ipv4 private network behind an ipv6 router.

          • Re: (Score:3, Interesting)

            by mini me ( 132455 )

            Will my ipod touch

            I don't see why it wouldn't. It runs pretty much the same operating systems that Macs do.

    • Simpler Politics (Score:5, Insightful)

      by Midnight Thunder ( 17205 ) on Wednesday October 15, 2008 @12:51PM (#25386169) Homepage Journal

      lets just switch to IPv6, it's more functional and future proof

      Yup and it is probably much simpler. Trying to reclaim addresses involves political issues, finding out who to talk to, bureaucracy and some technical issues. Switching to IPv6 is about technical stuff and just getting going. You are going to have to switch to IPv6 at some point, so why spend energy twice?

    • Re:screw ipv4 (Score:5, Insightful)

      by Anpheus ( 908711 ) on Wednesday October 15, 2008 @01:35PM (#25386973)

      Future proof? Everyone says IPv6 is future proof. No one will ever need more than 2^64 addresses.

      That's ridiculous. If we have the addresses, we'll find some way to use them. Instead, it should be IPvX. We should have an extensible standard that the IANA or -someone- can flip a switch on and the routers will add another 8 bits to the address automatically. Need more IPs? Done, 256 times more. This scales well, means we'd never have to go through this again and in thirty years no one will be mocking our generation for this silly attitude of "2^X IPs is enough for the whole world."

      • Re: (Score:3, Insightful)

        by coolsnowmen ( 695297 )

        We should have an extensible standard that the IANA or -someone- can flip a switch on and the routers will add another 8 bits

        IANA? You are not a ____? A computer engineer.

        Anyway, we should not have such a thing. Yes it would be easy in software to make such a conditional, but the high performance backbone needs to be just that. And when you add that "option" the hardware engineer needs to decide whether that condition should be done in serial (costs you in transient lag), or do all options in parallel (costs you in $$).

        But it really comes down to keep.it.simple.stupid engineering. Why add complicate a standard when you can't

        • Re: (Score:3, Informative)

          by Sancho ( 17056 ) *

          Some perspective:
          Right now, there are over 6 billion people on Earth. IPv4 has a theoretical maximum of 2^32 (4.3 billion) IP addresses. IPv6 has a theoretical maximum of 2^128 IP addresses, which works out to more than 2^90 addresses per person currently on the planet. Yeah. Each person could have a whole bunch of IPv4-sized address spaces. A bunch of a bunch. Our planet probably isn't capable of holding so many people that each person would only get 2^32 addresses (size of the IPv4 address space.)

          I'

      • Re:screw ipv4 (Score:5, Insightful)

        by TheRaven64 ( 641858 ) on Wednesday October 15, 2008 @02:27PM (#25387767) Journal
        Do you have any idea how big a number 2^64 is? There are currently just under 2^33 people in the world. This means that 2^64 is almost enough for every person to have as many IP addresses as there are currently people. It is enough for 2^35 IPs per square kilometre of the Earth - including the sea - or, to put it another way, enough for every 0.29cm^2 of the Earth's surface to have a unique IP. It is enough not just for every computer you own to have an IP address, but for every item of clothing, every item of furniture, and every object in your fridge to have a unique, public, IP, and still have a lot left over. IPv6 will last until nanotech becomes widespread and you want to have networks of nanoscopic devices online - and possibly even then since it would make sense to treat personal area networks as a single public device.
        • Re: (Score:3, Funny)

          by Fastolfe ( 1470 )

          IPv6 will last until nanotech becomes widespread and you want to have networks of nanoscopic devices online - and possibly even then since it would make sense to treat personal area networks as a single public device.

          So your solution to running out of IPv6 addresses is.. NAT?

        • Re:screw ipv4 (Score:5, Informative)

          by BitZtream ( 692029 ) on Wednesday October 15, 2008 @04:09PM (#25389755)

          You're missing the fact that an IPv6 /64 is what a home user gets, not the total address space. The IPv6 address space is 128 bits, meaning you get 2^64 blocks of 2^64 addresses.

          Meaning every square millimeter of the earths surface can be assigned approximately 667 quadrillion unique addresses. With your math, I personally can assign every 0.29cm^2 of the Earth an address out of my block alone.
          Please see:
          http://en.linuxreviews.org/Why_you_want_IPv6 [linuxreviews.org]

  • Credit crunch (Score:5, Insightful)

    by Harmonious Botch ( 921977 ) * on Wednesday October 15, 2008 @12:12PM (#25385425) Homepage Journal

    This is curiously similar to the current credit crunch. When a fix is not guaranteed to happen soon, people start hoarding.

    • Re:Credit crunch (Score:5, Interesting)

      by toleraen ( 831634 ) * on Wednesday October 15, 2008 @12:16PM (#25385487)
      I was going to use the oil analogy. It's going to run out eventually, so why not switch to something better now before we run out?
      • Because everyone will have to buy new hardware that will properly handle ip6. Those that might be volume buyers of Ip6 enabled hardware are the same ones that have excess ip 4 addresses. So, they have little motivation to switch, and the demand for Ip6 hardware remains low while price remains high.
    • Re:Credit crunch (Score:5, Interesting)

      by Samantha Wright ( 1324923 ) on Wednesday October 15, 2008 @12:17PM (#25385505) Homepage Journal
      That's a little silly. These allocations were made in the 70s and 80s, before the Internet really existed outside of the US. At the time, the recipients of the addresses were those who were most likely to use them. No hoarding is going on.
      • Re: (Score:2, Interesting)

        That's a little silly. These allocations were made in the 70s and 80s, before the Internet really existed outside of the US. At the time, the recipients of the addresses were those who were most likely to use them. No hoarding is going on.

        Really? There are potential buyers - people who would pay for the IPs. But the owners are not selling - at any price. That is hoarding.

  • Give back class As (Score:5, Insightful)

    by Neil Watson ( 60859 ) on Wednesday October 15, 2008 @12:12PM (#25385427) Homepage

    Perhaps some of the institutions that still have class A networks reserved from the old days, with no reasonable need for them, should give them back.

    • by Anonymous Coward on Wednesday October 15, 2008 @12:25PM (#25385683)

      Yup, I work for one of them, GE - the entire "3.x" class-A network, 16million addresses - most of our internal network is those 3.x addresses, behind firewalls so basically useless - and even better, I pinged a few external GE sites I know of, and none of them even use 3.x addresses!!

      maybe 500K employee's & contractors, even add 500K more for servers and unallocated IP's in the ranges, that's still 15*million* unused. Besides which, we could easily run on 10.x internal networking and NAT/Proxy to outside.

      Don't be in a hurry to get them back though... its not a priority! (haha)

      • by t0rkm3 ( 666910 ) on Wednesday October 15, 2008 @12:38PM (#25385935)

        As a network security guy in a company with 9 Class B's that are used within the company. (1 is Internet facing) The internal usage of public IP address space is justified by one thing, acquisitions. Every time a company is bought up by our company we have to integrate them into our network. We are already using some RFC1918 space at stub networks(plants/refineries) and for VoIP applications. However, the challenge of integrating 25,000 new IP devices with a conflicting address scope per merger is painful and wasteful.

        • Re: (Score:3, Informative)

          by Bill Barth ( 49178 )
          Isn't this what DHCP is for? I'm a little surprised you have 25k boxes come in via a merger with static addresses.
          • Re: (Score:3, Insightful)

            by qwertphobia ( 825473 )

            Core routers don't get DHCP addresses. Servers don't get DHCP addresses. Infrastructure, for the most part, should not be dynamic, and should never rely on other infrastructure unnecessary.

            It can take years to transition between addressing policies.

    • Re: (Score:3, Interesting)

      by mordred99 ( 895063 )
      Hell .. some of the companies have all their stuff on public IPs. Once in particular (I won't say who) I can get to the manufacturing PLCs since they use public IPs on everything. I can shut off their machines if I wanted to. Yes I used to do security for them, but I was let go because I brought up too many things that would cost them money. Their security manager said "If I don't know about it, and something goes wrong, we can pay to fix it then. However it is cheaper to not tell upper management abou
  • by lobiusmoop ( 305328 ) on Wednesday October 15, 2008 @12:12PM (#25385431) Homepage

    you can give one of these poor unwanted IP's a home.

  • Maybe these addresses are simply leftovers from before people started to make wide use of NAT, which cut down a whole lot on the # of addresses in circulation
  • Sounds like Detroit or East Saint Louis.
  • Why bother? (Score:5, Insightful)

    by Timothy Brownawell ( 627747 ) <tbrownaw@prjek.net> on Wednesday October 15, 2008 @12:16PM (#25385491) Homepage Journal
    Would giving them back do anything other than encourage network providers to procrastinate on IPv6 for another couple years?
  • by Spazztastic ( 814296 ) <spazztastic@@@gmail...com> on Wednesday October 15, 2008 @12:16PM (#25385499)
    If the big fortune 100 companies would dump their IP blocks that they don't use more then 10% of the whole sensationalist scare of "OH MY GOD WE'RE RUNNING OUT OF ADDRESSES" wouldn't even be relevant.

    Also, to quote someone from the last three articles related to IPv4 running out, it seems like one of these articles shows up on the main page at least once per month and nothing has changed.

    I don't see why any company, even in the expandable future, would use every address in a /8 subnet... unless they have everything open to the internet, which is moronic.
    • NAT is a hack. (Score:3, Interesting)

      Granted, it may be cheaper, in the short term, to use NAT than to upgrade to ipv6.

      But imagine if no one was using NAT anywhere. This would have two effects:

      First, techniques like Skype's UDP hole-punching would be completely unnecessary. You wouldn't even need a central server -- you could just use protocols like SIP the way they were meant to be used.

      Port forwarding would be a thing of the past. Far more peer-to-peer technologies would just work.

      Second, we'd run out of IPv4 a lot faster.

  • by gstoddart ( 321705 ) on Wednesday October 15, 2008 @12:17PM (#25385519) Homepage

    People setting up networks aren't trying to use every single address in their space.

    It's far easier to use an entire a.b.c.* as a logical sub-domain than fiddling with netmasks and all that stuff so that a.b.c.1 and a.b.c.200 are on different subnets.

    The amount of work people would need to invest to use every single IP address with no holes would be cumbersome. (I'm not saying you can't do it, it's just tedious.) And, you never know when you're going to need to allocate more machines -- I remember getting blocks of IP addresses for static machines in case I needed another machine in the future.

    Now, why most people aren't using 10.*.*.* as their internal stuff I'll never know. Since the overwhelming majority of machines on the internet aren't (and shouldn't) be directly routable, it's an awful waste to not have organizations behind NAT-ed firewalls and not drawing from the common pool of route-able IP addresses.

    Cheers

    • by Finallyjoined!!! ( 1158431 ) on Wednesday October 15, 2008 @12:30PM (#25385783)
      Quite right, there's no reason whatsoever why 98% of users shouldn't be behind NAT gateways. I've seen stupid situations where bloody printers are assigned a public IP - so people can print to them over the internet - Whaaat??? Furthermore pretty much all VPN client software (excluding Microsoft shite, of course) is NAT-T aware.

      One other point, not related to the above, TFA states they are using icmp to determine if a host is alive. Really? What is the margin for error here? Pretty much every device I configure with a public IP & connected to the net, will not respond to icmp (except from designated hosts/host blocks) Guess we can take their figures with a pinch of salt then.
    • Re: (Score:3, Insightful)

      Now, why most people aren't using 10.*.*.* as their internal stuff I'll never know. Since the overwhelming majority of machines on the internet aren't (and shouldn't) be directly routable, it's an awful waste to not have organizations behind NAT-ed firewalls and not drawing from the common pool of route-able IP addresses.

      This is exactly how the company I work for does it. We use one public IP address, and our computers (all private IPs, as they should be) are NATted behind our router. I do the same thing at home, partly to circumvent how many computers my ADSL provider will let me plug in to their connection without giving them more money. :-)

      If everybody did things like this we would need a lot fewer IP addresses.

      ...laura

    • Re: (Score:3, Interesting)

      by camperdave ( 969942 )
      The amount of work people would need to invest to use every single IP address with no holes would be cumbersome. (I'm not saying you can't do it, it's just tedious.)

      It's not so much about the little holes, but the ones so big that you could drive a tank through and still have enough room on either side to comfortably fit an aircraft carier through sideways: like the class A block owned by Digital Equipment Corporation, which went belly-up in 1998; or the Computer Sciences Corporation which employs 98 tho
  • by Anonymous Coward on Wednesday October 15, 2008 @12:18PM (#25385539)

    We get this all the time from our ISP's. "Our scans reveal that you're not using much of the space we've allocated to you." In reality, those IP's are behind firewalls that only permit certain customers to reach them. Otherwise they don't respond - even to pings. The IP's appear dead to everyone except authorized users, and our ISP's aren't authorized.

    • I wonder what the opposite strategy would do... have the firewall intercept pings, but instead of just dropping them, pretend to be the target and answer them itself.
    • Re: (Score:3, Insightful)

      by sl3xd ( 111641 ) *

      You gotta love the assumption they're making that "not pingable means not in use."

      In reality, it can quite easily mean that most of the IP addresses on the internet are firewalled off, because they're not serving anything to the rest of the internet. If anything, I like to think of it as a good sign that at least rudimentary security measures are being taken by consumers.

      Grandma doesn't need her own web server, mail server, etc. Neither do most consumers - heck, I only have a couple of ports open - SSH an

  • by VE3OGG ( 1034632 ) <VE3OGG@NOSpAm.rac.ca> on Wednesday October 15, 2008 @12:20PM (#25385585)

    In the oil-business (and in many other fixed-resource industries, more then likely) there is a particular kind of legislation that would likely work very well in such a situation. It is known as 'fallow field legislation'.

    It works like this:

    If a company finds (or buys) rights to an oil field, they are given five years to start producing from it. If they do not, cannot, or are otherwise unwilling after those 5 years, the rights are revoked and the government (or governing body) will find someone who will and can.

    Fast forward to IPv4 -- any address that isn't being used (and by used I mean that there is no web presence, to use of e-mail, etc.) after a certain time period (perhaps 1-2 year(s)) then the address is revoked and put back into the public pool.

    Obviously, the easiest way to get around this little regulation would be to put up a place holder page, or redirect it to the main site. This would be much trickier. Likewise, it would not stop the name squatters (and increasingly the registrars) from putting up those SPAM pages, but like I said, it would fix the problem of people just sitting on a resource without using it.

    My $0.02

    • by mcelrath ( 8027 )

      This sounds like a great idea for IP=Intellectual Property.

      If you do not, or cannot make money from your IP "rights" within the last 5 years, then that IP enters the public domain.

  • TCP and ICMP (Score:5, Insightful)

    by IceCreamGuy ( 904648 ) on Wednesday October 15, 2008 @12:22PM (#25385611) Homepage
    I drop ICMP entirely, and besides our website and mailservers, we don't have any standard tcp ports open on any of our other external IPs. I really can't imagine it's that much different for other medium and large businesses; am I to believe they nmapped the entire Internet? (It's clear FTA that they did not) To me, these findings are not that surprising in the security-oriented world we live in today.
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      If none of the ports are open on any of your external IPs, then why do you need to have more than one external IP?

    • Re:TCP and ICMP (Score:5, Informative)

      by Anonymous Coward on Wednesday October 15, 2008 @12:35PM (#25385889)

      I drop ICMP entirely

      Then you're an idiot [freelabs.com] who has no business managing a firewall.

  • Bankrupt companies (Score:3, Interesting)

    by sunderland56 ( 621843 ) on Wednesday October 15, 2008 @12:25PM (#25385673)

    What happens to the IP addresses allocated to companies that are now (a) bankrupt, or (b) bought out by larger companies, or (c) allocated to companies now significantly smaller in size? There must be a significant pool of addresses that could be reclaimed there.

    e.g. dec.com, compaq.com, sco.com, sgi.com....

  • Raise prices.

    Raising the price of an IP address increases the incentive to not to waste the IP address.

  • How long did it take for the world to believe that the moon was a hunk of desolate rock as opposed to a god or made out of cheese? World perception is important and there's a lot of people who understand the IPv4 is running out. Not needed or advised to try and slow down adoption by yelling "wait wait wait we can still cheat to tread water longer" when the ocean is getting bigger by the day.*

    //*on the spot metaphor

  • by Arrogant-Bastard ( 141720 ) on Wednesday October 15, 2008 @12:28PM (#25385737)
    In addition to all those lying idle because of excessive address space allocation, there are huge swaths of space which have been hijacked. Recent discussion on the NANOG list has highlighted some of these; the Spamhaus DROP list features others. And other researchers have found still more that are obviously no longer under the control of their putative owners, and are being use for spam, spyware, phishing, and worse. Attempts to get network operators, registrars, ICANN, ARIN, and others to effectively disable these resources -- and eventually to reclaim them -- have been largely unsuccessful. Yes, in some isolated cases, limited action eventualy takes place, but it's far too little far too late to be considered anything close to "effective". We need a concerted, worldwide effort to not only reclaim this space, but to blacklist for life those found currently possessing that -- because (as we've seen repeatedly) they won't be deterred by anything else.
  • MIT is 18.*.*.* (Score:3, Informative)

    by Dogun ( 7502 ) on Wednesday October 15, 2008 @12:29PM (#25385763) Homepage

    Last I checked, MIT had all of 18.*.*.*...

  • I just setup redundant internet connectivity, and needed to get a class C address space, even though I only use a dozen or so addresses. I guess this is to limit the size of routing tables. Seems like a waste.
  • Interactive map (Score:3, Informative)

    by citking ( 551907 ) <(ten.gniktic) (ta) (yaj)> on Wednesday October 15, 2008 @12:32PM (#25385829) Homepage

    There is an interactive map on their site [isi.edu] that allows you to zoom into the IP space pretty nicely. Our uni has a B range of addresses and we use only two Cs of that right now. When we split off from the main building and got onto city fiber, they decided that, rather than give us a private IP range like the other campuses, we would be allocated one of the C ranges.

    Of course, no one knew what they were doing so getting the ASA and default routes set-up properly was a nightmare, but hey, we're using more of our IP space now! (sarcasm intended)

  • They used ping! (Score:5, Interesting)

    by eihab ( 823648 ) on Wednesday October 15, 2008 @12:33PM (#25385843)

    From the article:

    The USC research group used the most innocuous type of network packet to probe the farthest reaches of the Internet. Known as the Internet Control Message Protocol, or ICMP, this packet is typically used to send error messages between servers and other network hardware.

    My home network is in complete stealth mode, and to them that's another "idle IP" address.

    I also love how they arrived to their conclusion:

    the team probed a million random Internet addresses using both ICMP and TCP, finding a total of 54,297 active hosts ...
    In total, the researchers estimate that there are 112 million responsive addresses ...
    but the overall conclusion--that the Internet has room to grow--is spot on

    How did this ghetto-science experiment end up on Slashdot again?

    • Yes I am sure the researchers have no idea what a firewall is. And everyone is a network admin with their home routers...

      Of course these researches used logic to determine when a firewall is in place. One possible way would be to look at a subnet as a whole, if neighboring IPs are responding you can make a reasonable guess that other IPs should respond if binded to another node. This is a sampling of 4 billion, so no, individual circumstances where this doesn't hold up won't make a difference.

      Wait for th

  • the IT hysteria of the early century. just as juicy a media hit as the Y2K panic and fear from last century, but not as much consulting opportunities

    personally i'm waiting for 2012, when the elder gods of the mayan calendar awaken and in their rage at not being greeted by chocolate, peppers, and virgins, they reroute all null pointers in all code to the apocalypse. plenty of IT hysteria, plenty of consulting opportunities

  • I had always heard similar. In the early days, lots of people where given A subnets on the assumption "We'll never need all those addresses so take a whole block!", so now large parts of Class A's are being unused, but the logistics of sorting all that out would be a pain

  • it's the size and complexity of the non-default routing table. The principle reason to switch to IPv6 is that it gives us the opportunity to throw away the old legacy routing table and insist on sticking with hierarchical address allocation to keep the routing table small.

  • just a few examples (Score:3, Informative)

    by marvinglenn ( 195135 ) on Wednesday October 15, 2008 @12:39PM (#25385967)

    See http://www.iana.org/assignments/ipv4-address-space/ [iana.org]

    019/8 Ford Motor Company 1995-05 LEGACY
    marvin@tribble:~$ host www.ford.com
    www.ford.com is an alias for
    www.ford.com.edgesuite.net.
    www.ford.com.edgesuite.net is an alias for a1200.g.akamai.net.
    a1200.g.akamai.net has address 96.17.109.74
    a1200.g.akamai.net has address 96.17.109.18

    013/8 Xerox Corporation 1991-09 LEGACY
    marvin@tribble:~$ host www.xerox.com
    www.xerox.com is an alias for www.xerox.com.edgekey.net.
    www.xerox.com.edgekey.net is an alias for
    e82.c.akamaiedge.net.
    e82.c.akamaiedge.net has address 72.246.128.108

    009/8 IBM 1992-08 LEGACY
    marvin@tribble:~$ host www.ibm.com
    www.ibm.com is an alias for www.ibm.com.cs186.net.
    www.ibm.com.cs186.net has address 129.42.58.216

    003/8 General Electric Company 1994-05 LEGACY
    marvin@tribble:~$ host www.ge.com
    www.ge.com has address 192.131.227.156

    048/8 Prudential Securities Inc. 1995-05 LEGACY
    marvin@tribble:~$ host www.prudential.com
    www.prudential.com is an alias for web.prudential.com.
    web.prudential.com has address 12.34.100.148

    Apple (17) and HP (15) have their public website within their allocation. Eli Lil(l)y (40) appears also has their public website within their allocation, but I have a hard time believing that they could ever need that many public IP addresses.

    So there... I just found an extra quarter million addresses. (5 x 2^16) Y'all can pay me by giving me my own /24.

  • ... or /24 if you prefer

    I only use about 15 of the possible 253 ip addresses - the rest is wasted - I used to need them way back when there was no web multihoming though.

    This would make a good poll:
    Q: What percentage of your allotted IP space do you actually use?

  • Decades? (Score:5, Funny)

    by Hikaru79 ( 832891 ) on Wednesday October 15, 2008 @12:43PM (#25386033) Homepage
    The most comprehensive scan of the entire internet for several decades

    As opposed to the great Internet scans of the 30s?
  • by mschuyler ( 197441 ) on Wednesday October 15, 2008 @12:43PM (#25386037) Homepage Journal

    and you can have them when you pry them from my cold, dead fingers. I would never be able to get them today, but way back in the early nineties they just gave them away. I had ten sites and wanted to start a Frame Relay network, so 'they' gave me a Class C for every site and one to knit them together. A couple of my sites had less than a dozen computers. Of course, these days even the copy machines have an IP address, so those sites are up around two dozen or so. One of them is doubling in space, so we'll be up to fifty or so. One of our sites closed, so that freed up an entire Class C, but our largest site is pushing the limits, so we moved the empty Class C to the large site. The numbers are scattered all over the place. .1 is always the router. Of course, the hubs have their own IP address. Public access stations started at .100 to be easily recognizable, but then the staff machines got up to .99 so we had to hop scotch over the public numbers and keep going with .200. The numbers are static because it's easy to track, and when we first started it seemed a reasonable path to take.

    Could we do this differently. OF COURSE!! There are lots of ways to free up a ton of space. Please don't lecture me on how to do it. I know how to do it. It's just that the system is working now. The system just kinda grew on us. When we started we had no idea copy machines would have IP addresses. Even the damn VoIP phones have IP addresses! That was a big hit on our numbers. Are refrigerators next? We had no idea we'd have fifty servers instead of three or four. Life has changed and because we are realtively 'wealthy' in terns of addresses, we had the flexibility to change with it.

    I look at our Class C's kinda like a fixed field database. There's a lot of air in there. It compresses really nicely if you need to, but disk space is cheap, so there's no real reason to conserve it.

    The thing is, even though we have a bunch of empty addresses, our experience shows that we're going to grow into them. We've already encountered congestion a couple of places. As soon as those new fridges show up we'll need some more numbers. My guess is before too long we're going to have to do some subnetting and consolidate a couple of our small sites into one Class C to free up the other one to use in a large site. That should work fine. I don't see any problems pulling that off. Of course, if we build another big site, we'll have to think through what to do very carefully. e'll probably do the new site like y'all want us to. We may not have any choice.

    But those Class C's are mine. I own them, and you can't have them back.

  • by SoundGuyNoise ( 864550 ) on Wednesday October 15, 2008 @12:44PM (#25386041) Homepage
    But my refrigerator, it needs, nay, craves an IP address, so it automatically orders my eggs and ravioli and orange creme soda, and orangutans, and breakfast cereals.....
  • by Richard W.M. Jones ( 591125 ) <rich@anne[ ].org ['xia' in gap]> on Wednesday October 15, 2008 @12:47PM (#25386103) Homepage

    This story rings true. I worked for a company during the dot-com boom and just after which requested an allocation from RIPE [ripe.net] (the European equivalent of ARIN). I was the designated & trained "LIR" (I think that was the term?).

    We received 8,192 IP addresses. We actually had them authorized to us in blocks of 256 addresses, and each time we needed another 256 we had to go back to RIPE and justify the expansion. However it is my understanding that the full 8,192 addresses were reserved for us.

    We ended up using 3 x 256 addresses, but after a later downturn in the fortunes of the company, even many of those went unused.

    I left the company many many years ago. However I notice the company that acquired it is still using those 3 x 256 addresses, and the original 8,192 are still reserved at RIPE. The IP addresses are even registered to the name of a director who was ousted when the company was taken over, at a street address that the company hasn't occupied for many years.

    Rich.

  • by Detritus ( 11846 ) on Wednesday October 15, 2008 @12:57PM (#25386291) Homepage

    This whole discussion is a waste of time. You aren't going to get any of these address blocks without an expensive and prolonged fight. Wasting valuable resources that could be used to advance a real solution, IPV6.

    Even if you "liberated" all of these address blocks, they would be quickly consumed by the natural growth of the Internet.

    NAT is not a solution, it is a malignant blight that must be destroyed. If you want a firewall, get a real firewall.

  • by jimmyhat3939 ( 931746 ) on Wednesday October 15, 2008 @12:57PM (#25386299) Homepage

    TCP and ICMP is not a good way to test this. Plenty of IPs won't respond to a ping and don't have any TCP ports open for inbound connections (SYN flag set).

  • It appears that all they did was ping every address they could, and then track which addresses responded and which ones did not. Consdiering how many systems are either configured to not respond to ping, or sit behind firewalls that stop the ping from getting through, this seems like a method of marginal value.

    Wouldn't there be a better way to query the addresses than this? In some areas, I suspect checking DNS records might be more informative if what you are looking for is which addresses are unused (though of course DNS isn't mandatory either).
  • by John Jorsett ( 171560 ) on Wednesday October 15, 2008 @03:55PM (#25389497)

    My address is behind a firewall that doesn't respond to unsolicited incoming packets. It's in use, but you'd never know it from the outside.

Do you guys know what you're doing, or are you just hacking?

Working...