Black hole (networking)

In networking, a black hole refers to a place in the network where incoming or outgoing traffic is silently discarded (or "dropped"), without informing the source that the data did not reach its intended recipient.

When examining the topology of the network, the black holes themselves are invisible, and can only be detected by monitoring the lost traffic; hence the name as astronomical black holes cannot be directly observed.

Dead addresses

The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address to which no host has been assigned.

Even though TCP/IP provides a means of communicating the delivery failure back to the sender via ICMP, traffic destined for such addresses is often just dropped.

Note that a dead address will be undetectable only to protocols that are both connectionless and unreliable (e.g., UDP). Connection-oriented or reliable protocols (TCP, RUDP) will either fail to connect to a dead address or will fail to receive expected acknowledgements.

For IPv6, the black hole prefix is 100::/64.[1]

For IPv4, no black hole address is explicitly defined, however the reserved IP addresses can help achieve a similar effect. For example, 198.51.100.0/24 is reserved for use in documentation and examples[2]; while the RFC advises that the addresses in this range are not routed, this is not a requirement.

Firewalls and "stealth" ports

Most firewalls (and routers for household use) can be configured to silently discard packets addressed to forbidden hosts or ports, resulting in small or large "black holes" in the network.

Personal firewalls that do not respond to ICMP echo requests ("ping") have been designated by some vendors[3] as being in "stealth mode".

Despite this, in most networks the IP addresses of hosts with firewalls configured in this way are easily distinguished from invalid or otherwise unreachable IP addresses: On encountering the latter, a router will generally respond with an ICMP network rsp. host unreachable error.[4] Network address translation (NAT), as used in home and office routers, is generally a more effective way of obscuring the layout of an internal network.[5] [6] [7]


Black hole filtering

A null route or black hole route is a network route (routing table entry) that goes nowhere. Matching packets are dropped (ignored) rather than forwarded, acting as a kind of very limited firewall. The act of using null routes is often called blackhole filtering. The rest of this article deals with null routing in the Internet Protocol (IP).

Black hole filtering refers specifically to dropping packets at the routing level, usually using a routing protocol to implement the filtering on several routers at once, often dynamically to respond quickly to distributed denial-of-service attacks.

Remote Triggered Black Hole Filtering (RTBH) is a technique that provides the ability to drop undesirable traffic before it enters a protected network.[8] The Internet Exchange (IX) provider usually acquires this technology to help its members or participants to filter such attacks.[9]

Null routes are typically configured with a special route flag; for example, the standard iproute2 command ip route allows to set route types unreachable, blackhole, prohibit which discard packets. Alternatively, a null route can be implemented by forwarding packets to an illegal IP address such as 0.0.0.0, or the loopback address.

Null routing has an advantage over classic firewalls since it is available on every potential network router (including all modern operating systems), and adds virtually no performance impact. Due to the nature of high-bandwidth routers, null routing can often sustain higher throughput than conventional firewalls. For this reason, null routes are often used on high-performance core routers to mitigate large-scale denial-of-service attacks before the packets reach a bottleneck, thus avoiding collateral damage from DDoS attacks — although the target of the attack will be inaccessible to anyone. Blackhole filtering can also be abused by malicious attackers on compromised routers to filter out traffic destined to a certain address.

Routing typically only works on the Internet Protocol layer and is very limited in packet classification. It is bound to be stateless due to the nature of IP routers. Typically, classification is limited to the destination IP address prefix, source IP address and incoming network interface.

DNS-based Blackhole List

Main article: Domain Name System-based Blackhole List

A DNS-based Blackhole List (DNSBL) or Real-time Blackhole List (RBL) is a list of IP addresses published through the Internet Domain Name System (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists. The term "Blackhole List" is sometimes interchanged with the term "blacklist" and "blocklist".

A DNSBL is a software mechanism, rather than a specific list or policy. There are dozens of DNSBLs in existence,[10] which use a wide array of criteria for listing and delisting of addresses. These may include listing the addresses of zombie computers or other machines being used to send spam, listing the addresses of ISPs who willingly host spammers, or listing addresses which have sent spam to a honeypot system.

Since the creation of the first DNSBL in 1997, the operation and policies of these lists have been frequently controversial,[11][12] both in Internet advocacy and occasionally in lawsuits. Many email systems operators and users[13] consider DNSBLs a valuable tool to share information about sources of spam, but others including some prominent Internet activists have objected to them as a form of censorship.[14][15][16][17] In addition, a small number of DNSBL operators have been the target of lawsuits filed by spammers seeking to have the lists shut down altogether.[18]

PMTUD black holes

Main article: Path MTU discovery § Problems

Some firewalls incorrectly discard all ICMP packets, including the ones needed for Path MTU discovery to work correctly. This causes TCP connections from/to/through hosts with a lower MTU to hang.

Black hole e-mail addresses

A black hole[19] e-mail address is an e-mail address which is valid (messages sent to it will not generate errors), but all the received messages are automatically deleted, and never stored or seen by humans. These addresses are often used as return addresses for automated e-mails.

See also

References

  1. ^ N. Hilliard; D. Freedman (August 2012). A Discard Prefix for IPv6. Internet Engineering Task Force. doi:10.17487/RFC6666. ISSN 2070-1721. RFC 6666. Informational.
  2. ^ J. Arkko; M. Cotton; L. Vegoda (January 2010). IPv4 Address Blocks Reserved for Documentation. Internet Engineering Task Force. doi:10.17487/RFC5737. ISSN 2070-1721. RFC 5737. Informational. Updates RFC 1166.
  3. ^ Apple Inc., botXhacker" "About the Application Firewall"
  4. ^ Kurose, J. F.; Ross, K. W. (2021). Computer Networking: A Top-Down Approach (8th ed.). Pearson. ISBN 978-0136681557.
  5. ^ Strebe, Matthew (2019). Network Security Foundations: Technology Fundamentals for IT Success. Sybex. ISBN 978-0782143270.
  6. ^ "RFC 3022: Traditional IP Network Address Translator (Traditional NAT)". IETF. January 2001.
  7. ^ Wool, Avishai (2004). "A quantitative study of firewall configuration errors". IEEE Computer. 37 (6): 62–67. doi:10.1109/MC.2004.2.
  8. ^ "Blackhole" (PDF). cisco.com. Retrieved 25 June 2023.
  9. ^ "HKIX".
  10. ^ "DNS & RHS blackhole lists". Archived from the original on 21 March 2013. Retrieved 26 March 2013.
  11. ^ C. Lewis; M. Sergeant (January 2012). Overview of Best Email DNS-Based List (DNSBL) Operational Practices. Internet Research Task Force (IRTF). doi:10.17487/RFC6471. ISSN 2070-1721. RFC 6471. Informational.
  12. ^ "RBLMon.com: What are RBLs and How do they Work?". Archived from the original on 4 September 2017. Retrieved 26 March 2013.
  13. ^ "Revealing Botnet Membership Using DNSBL Counter-Intelligence" (PDF). Retrieved 26 March 2013.
  14. ^ "RBL Criticism". 11 February 2008. Retrieved 26 March 2013.
  15. ^ "Electronic Frontier Foundation, EFFector, Vol. 14, No. 31, Oct. 16, 2001". 12 January 2012. Retrieved 26 March 2013.
  16. ^ "Verio gags EFF founder over spam". The Register. Retrieved 26 March 2013.
  17. ^ "Choosing Spam over Censorship". Archived from the original on 21 April 2003. Retrieved 26 March 2013.
  18. ^ "EMarketersAmerica.org sues anti-spam groups". Retrieved 26 March 2013.
  19. ^ Exim internet mailer specification document,the Redirect router

Read other articles:

Georg-Gaßmann-Stadion

Georg-Gaßmann-StadionThe stadium on a matchday in June 2009Full nameGeorg-Gaßmann-StadionLocationOckershausen, MarburgCoordinates50°47′51.99″N 8°45′16.57″E / 50.7977750°N 8.7546028°E / 50.7977750; 8.7546028OwnerCity of MarburgCapacity15,000Field size105 x 68 mSurfaceGrassConstructionOpened1967Renovated2001 &2006–07TenantsVfB Marburg (Association football)Marburg Mercenaries (American football) The Georg-Gaßmann-Stadion is a multi-purpose stadium in...

 

Djoko Tata Ibrahim

Djoko Tata Ibrahim, S.E. (lahir di Teluk Betung, Lampung 14 Agustus 1952) adalah seorang pengusaha dan profesional bisnis yang dalam usianya masih muda, 35 tahun, ia meraih posisi tertinggi sebaga President Direktur PT. Tigaraksa Satria (1987-sekarang). Jiwa dagang telah mengalir di dirinya sejak ia duduk di bangku kelas 3 Sekolah Dasar (SD), sebagai pedagang asongan berjualan minyak goreng keliling kampung. Ia dikenal sebagai seorang pekerja keras. Saat menempuh Sekolah Menengah Pertama (SMP...

 

خافيير إسبينوسا

خافيير إسبينوسا   معلومات شخصية الميلاد 19 سبتمبر 1992 (العمر 31 سنة)طلبيرة  الطول 1.74 م (5 قدم 9 بوصة) مركز اللعب وسط الجنسية إسبانيا  معلومات النادي النادي الحالي أيك لارنكا الرقم 23 مسيرة الشباب سنوات فريق 2005–2011 برشلونة المسيرة الاحترافية1 سنوات فريق م. (هـ.) 2010–20...

مارغريت النمساوية ملكة إسبانيا

  لمعانٍ أخرى، طالع مارغريت من النمسا (توضيح). مارغريت النمساوية ملكة إسبانيا (بالألمانية: Margarete von Österreich)‏    معلومات شخصية الميلاد 25 ديسمبر 1584  غراتس  الوفاة 3 أكتوبر 1611 (26 سنة) [1]  الإسكوريال  سبب الوفاة اضطراب النفاس  مكان الدفن بانثيون الملوك &...

 

العلاقات السويدية الكورية الجنوبية

العلاقات السويدية الكورية الجنوبية السويد كوريا الجنوبية   السويد   كوريا الجنوبية تعديل مصدري - تعديل   العلاقات السويدية الكورية الجنوبية هي العلاقات الثنائية التي تجمع بين السويد وكوريا الجنوبية.[1][2][3][4][5] مقارنة بين البلدين هذه مقارن�...

 

Sextuple

Le sei coppe vinte dal Barcellona nel 2009 esposte nel museo del Camp Nou. Sextuple è un termine calcistico inglese (in spagnolo Sextete) che indica la vittoria di sei competizioni ufficiali da parte di una squadra nell'arco di una singola stagione sportiva o di uno stesso anno solare.[1] Indice 1 Sextuple internazionale 2 Sextuple nazionale 3 Sextuple mancati 4 Sextuple nel calcio femminile 5 Oltre il sextuple 6 Note Sextuple internazionale Il sextuple con trofei internazionali è s...

Segunda Liga 2014-2015

Segunda Liga 2014-2015 Competizione Segunda Liga Sport Calcio Edizione 25° Organizzatore FPF Date dal 9 agosto 2014al 24 maggio 2015 Luogo  Portogallo Partecipanti 24 Risultati Vincitore  Tondela(1º titolo) Promozioni  Tondela União Madeira Retrocessioni  Beira-Mar Marítimo B Trofense Statistiche Miglior marcatore Tozé Marreco Erivelto(23 goal) Cronologia della competizione 2013-2014 2015-2016 Manuale La Segunda Liga 2014-2015 è stata la ...

 

Stadio Silvio Appiani

Silvio AppianiLa fossa dei leoni Panoramica dell'Appiani negli anni Cinquanta. Informazioni generaliStato Italia UbicazioneVia Carducci, 3Padova Inizio lavori1921 Inaugurazione1924 Chiusura1994 Ristrutturazione1929-1949, 1956-1957, 1981,[1] 2015 e 2023 ProprietarioComune di Padova Informazioni tecnichePosti a sedere24 000 StrutturaPianta ellittica CoperturaParziale Pista d’atleticaNon presente Mat. del terrenoErba Dim. del terreno105 × 68 m Uso e beneficiariCalcioPadova (1924-...

 

Shek Nga Shan

Hill in Hong Kong View of Mui Tsz Lam at the foot of Shek Nga Shan. Shek Nga Shan (Chinese: 石芽山; lit. 'stone bud hill') is a 540 m high hill in Ma On Shan Country Park, Hong Kong. Access Shek Nga Shan can be reached via footpaths from Mui Tsz Lam[1] or Fa Sam Hang.[2] Nearby hills include Buffalo Hill and West Buffalo Hill.[3] References ^ Shek Nga Shan. WalkOnHill. ^ Shek Nga Shan. AllTrails. ^ Shek Nga Shan. 隨我行FolloMe. Further reading Mesozoi...

Really Useful Group

English media company Really Useful Group Ltd.Company typePrivate companyIndustryMediaGenre Theatre Film Television Video Concert productions Merchandising Magazine publishing Records Music publishing Founded1977FounderAndrew Lloyd WebberHeadquartersLondon, EnglandSydney, AustraliaKey peopleAndrew Lloyd Webber (Chairman)OwnerAndrew Lloyd WebberDivisionsSee belowWebsitereallyuseful.com The Really Useful Group Ltd. (RUG) is an international company set up in 1977 by Andrew Lloyd Webber. It is i...

 

WDR 3

You can help expand this article with text translated from the corresponding article in German. (August 2023) Click [show] for important translation instructions. Machine translation, like DeepL or Google Translate, is a useful starting point for translations, but translators must revise errors as necessary and confirm that the translation is accurate, rather than simply copy-pasting machine-translated text into the English Wikipedia. Consider adding a topic to this template: there are a...

 

Torino di Sangro

Questa voce o sezione sull'argomento centri abitati dell'Abruzzo non cita le fonti necessarie o quelle presenti sono insufficienti. Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Torino di Sangrocomune Torino di Sangro – Veduta LocalizzazioneStato Italia Regione Abruzzo Provincia Chieti AmministrazioneSindacoNino Di Fonso (lista civica Torino di Sangro nel cuore) dal 10-6-2018 TerritorioCoord...

Монтсеррат

У этого термина существуют и другие значения, см. Монсеррат. Монтсерратангл. Montserrat Флаг Герб Гимн: «God save the King» Монтсеррат на карте региона Официальный язык Английский Столица Плимут (де-юре) (заброшен из-за извержения вулкана)Брейдс (де-факто) Крупнейшие города Брейдс Ф...

 

List of colleges and universities in Pennsylvania

The following is a list of colleges and universities in the U.S. state of Pennsylvania. Among public institutions, the Commonwealth System of Higher Education includes semi-public state-related colleges and universities. The Pennsylvania State System of Higher Education consists of state-owned master's level institutions. Benjamin Franklin statue on the campus of the University of Pennsylvania, an Ivy League institution in Philadelphia Pennsylvania State University in State College Universit...

 

Women in the Democratic Republic of the Congo

Overview of the status of women in the Democratic Republic of the Congo Women in the Democratic Republic of the CongoCongolese woman near Walungu, South KivuGeneral StatisticsMaternal mortality (per 100,000)540 (2010)Women in parliament8.2% (2012)Women over 25 with secondary education10.7% (2010)Women in labour force70.2% (2011)Gender Inequality Index[1]Value0.601 (2021)Rank151st out of 191 Global Gender Gap Index[2]Value0.575 (2022)Rank144th out of 146 Part of a series o...

母校

哥伦比亚大学的「智慧女神雕像」 母校(拉丁語:alma mater,英式英語發音:/ˈɑːlmə ˈmɑːtər/、美式英語發音:/ˈælmə ˈmeɪtər/),源自拉丁語,本意「母親的哺乳」,詞源與校歌相通,是一個使用於古羅馬各式地母神的頭銜,特別是刻瑞斯或者西芭莉(希臘神話),亦使用於中世紀基督教的聖母瑪利亞。 位於義大利的博洛尼亚大学於1988年,430位大学校长在大學著名的大�...

 

1998 Yeosu submersible incident

1998 naval skirmish between North Korea and South Korea 1998 Yeosu submersible incidentPart of Korean ConflictDate17–18 December 1998LocationOff the coast of Yeosu, South Jeolla Province, South KoreaResult South Korean victoryBelligerents  South Korea  North KoreaStrength 2 Pohang-class corvettes 1 semi-submersibleCasualties and losses None 1 semi-submersible sunk~4 dead vteNaval engagements of the Korean War (1950–1953) and post-armistice incidents Pre Armistice Korea Strait Ch...

 

Domestic worker

Person who works within the employer's household Servant redirects here. For other uses, see Servant (disambiguation). The help redirects here. For other uses, see The Help (disambiguation). This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed.Find sources: Domestic worker – news · newspapers · books · scholar · JSTOR (Decembe...

John E. Fryer

Psychiatrist and gay activist (1937–2003) John E. FryerBorn(1937-11-07)November 7, 1937Winchester, Kentucky, U.S.DiedFebruary 21, 2003(2003-02-21) (aged 65)Philadelphia, Pennsylvania, U.S.Alma materTransylvania University Vanderbilt UniversityKnown forHis role in persuading the American Psychiatric Association to remove homosexuality from the Diagnostic and Statistical Manual of Mental DisordersAwardsDistinguished Service Award from the Association of Gay and Lesbian Psychiat...

 

العلاقات الدنماركية المالية

العلاقات الدنماركية المالية الدنمارك مالي   الدنمارك   مالي تعديل مصدري - تعديل   العلاقات الدنماركية المالية هي العلاقات الثنائية التي تجمع بين الدنمارك ومالي.[1][2][3][4][5] مقارنة بين البلدين هذه مقارنة عامة ومرجعية للدولتين: وجه المقارنة ا�...