Network telescope

From Wikipedia, the free encyclopedia

In Internet terminology, an Internet telescope (or network telescope) is a system that allows us to observe different large-scale events taking place on the Internet. The basic idea is to observe traffic targeting the dark (unused) address space of the network. Since all traffic to these addresses is suspicious, we can gain information about possible network attacks (random-scanning worms and DDoS backscatter) as well as misconfigurations by observing it.

The resolution of the Internet telescope depends on the number of dark addresses it monitors. For example, a large Internet telescope that monitors traffic to 2^24 addresses (a /8 Internet telescope in IPv4) has a higher probability of observing a relatively small event than a smaller telescope that monitors 2^16 addresses (a /16 Internet telescope).
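The effect of telescope size on resolution can be worked through numerically. The following is an added example, not part of the original article: it assumes a source that picks IPv4 targets uniformly at random with no packet loss, and the function names and the 10 packets-per-second scan rate are constructed for illustration.

```python
import math

IPV4_SPACE = 2 ** 32


def monitored_addresses(prefix_len: int) -> int:
    """Number of dark addresses in a telescope covering one IPv4 prefix."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return 2 ** (32 - prefix_len)


def p_observe(prefix_len: int, probes: int) -> float:
    """Probability that at least one of `probes` uniformly random probes
    lands inside the telescope: 1 - (1 - f)^n, with f the monitored fraction."""
    frac = monitored_addresses(prefix_len) / IPV4_SPACE
    if frac == 1.0:
        return 1.0 if probes > 0 else 0.0
    # log1p/expm1 keep precision when f is tiny (small telescopes).
    return -math.expm1(probes * math.log1p(-frac))


def probes_to_detect(prefix_len: int, confidence: float = 0.95) -> float:
    """Probes a source must send before the telescope has seen at least
    one of them with the given confidence."""
    if not 0.0 < confidence < 1.0:
        raise ValueError("confidence must be strictly between 0 and 1")
    frac = monitored_addresses(prefix_len) / IPV4_SPACE
    if frac == 1.0:
        return 1.0
    return math.log1p(-confidence) / math.log1p(-frac)


def seconds_to_detect(prefix_len: int, rate_pps: float,
                      confidence: float = 0.95) -> float:
    """Observation time needed to see a source scanning at `rate_pps`."""
    return probes_to_detect(prefix_len, confidence) / rate_pps


if __name__ == "__main__":
    RATE_PPS = 10  # constructed scan rate for the illustration
    for prefix in (8, 16):
        print(f"/{prefix}: {monitored_addresses(prefix)} addresses, "
              f"P(seen after 1000 probes) = {p_observe(prefix, 1000):.4f}, "
              f"95% detection after {seconds_to_detect(prefix, RATE_PPS):.0f} s")
```

Under these assumptions the /8 telescope sees a 10 pps scanner within roughly a minute and a half, while the /16 telescope needs several hours for the same confidence.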

See also

Moore et al., technical report on network telescopes: http://www.caida.org/publications/papers/2004/tr-2004-04/tr-2004-04.pdf