Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:02
You're listening to the CyberWire Network, powered
0:04
by N2K. This
0:13
September 18th and 19th in Denver,
0:15
a tight community of leading experts
0:17
is gathering to tackle the toughest
0:20
cybersecurity challenges we face. It's
0:22
happening at MY's, the unique
0:25
conference built by practitioners for
0:27
practitioners. Developed by
0:29
Mandiant, now part of Google
0:31
Cloud, MY's features one-to-one access
0:33
with industry experts and fresh
0:35
insights into the topics that
0:37
matter most right now to
0:39
frontline practitioners. Register
0:41
early and save at
0:44
MY's.io/CyberWire. That's
0:48
MY's.io/CyberWire. The
0:59
word is network telescope.
1:06
Spelled network for a system
1:08
of electronic endpoints interconnected
1:11
by telecommunications equipment in order
1:13
to transmit or receive information
1:16
and telescope for an instrument
1:19
designed to make distant objects
1:21
appear nearer. Definition.
1:30
Network observation systems designed to monitor
1:32
globally unreachable but unused internet address
1:34
space or the deep web in
1:37
order to study a wide range
1:39
of interesting internet phenomena. Example
1:47
sentence. Monitoring unexpected traffic
1:49
arriving at a network telescope
1:51
might provide early warning for
1:54
serious network security events. Origin
2:02
and Context Network
2:04
telescopes are also known as
2:07
Internet Background Radiation Monitors and
2:09
packet telescopes. And according to a
2:11
2010 research paper,
2:13
Internet Background Radiation Revisited,
2:16
because there are no legitimate hosts in
2:18
these unused IP blocks, packets
2:20
arriving must be the result of
2:22
warm propagation, DDoS attacks,
2:25
network misconfiguration, or other annoying
2:27
or nefarious activity that's usually
2:29
hidden in the noise of
2:31
normal Internet traffic. Bill
2:34
Czewiec and Steve Bellaman originally conceived the
2:36
idea in 1998. Since
2:39
then, various researchers have sought to extend
2:41
the idea. The most prolific
2:44
is probably the Center for Applied Internet
2:46
Data Analysis, or CADA. Nerd
2:54
Reference Bill Czewiec and Steve
2:56
Bellaman are famous and old guy cyber
2:58
security circles for writing one of the
3:00
first cyber security books, Firewalls
3:03
and Internet Security, repelling the
3:05
Wiley Hacker. I had
3:07
a dog-eared copy on my desk back in the day
3:09
when I was a young UNIX system administrator. At
3:11
the vintage Computer Federation East 9.1 conference in
3:14
2015, Czewiec described how he
3:18
and Bellaman created the first network telescope.
3:20
We built the first packet telescope, which
3:22
basically meant, we said, hey world, network
3:24
12 is here. Network
3:27
12 is AT&T's Internet address. We
3:30
got it back in 1998 by asking for it. We
3:34
said, can we have this class A address? Class
3:36
A address probably has a market value of a billion
3:38
dollars now, something like that. We said, we need it.
3:40
They said, oh, you're a big company. You get one.
3:43
Sure, we're giving them out to every big company.
3:45
And so net 12 came to us, and we
3:47
couldn't use it. It was too
3:50
big. So we had
3:52
this big useless address, and I said, let's gather
3:55
all the traffic that comes to this
3:57
big unused network and watch
3:59
it and see what it is. It's a packet telescope
4:02
and Steve Bellivan put up some monitoring and so
4:04
on and we got about 25 megabytes
4:06
a day of random packets which
4:10
basically were the death screams of various
4:12
machines around the internet that were shouting
4:15
packets at that network. The
4:35
IT world used to be simpler. You
4:37
only had to secure and manage environments
4:39
that you controlled. Then came
4:42
new technologies and new ways to
4:44
work. Now employees, apps and networks
4:46
are everywhere. This means
4:48
poor visibility, security gaps and added
4:51
risk. That's why Cloudflare
4:53
created the first ever connectivity
4:55
cloud. Visit cloudflare.com to
4:58
protect your business everywhere you
5:00
do business.
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More