February 2005 Archives

Interesting Instat report to share...

Wireless VoIP Gaining Traction in Business Market

SCOTTSDALE, Ariz., February 8, 2005 - Wireless VoIP implementation is beginning to occur in the business market, according to In-Stat (http://www.in-stat.com). In a recent survey of more than 300 mid-size businesses and large-enterprises, 23% of decision-maker respondents said that they had already deployed wireless VoIP, in some manner, and another 30% said that they were planning or evaluating the implementation of the technology within the next six to twelve months.

Wireless VoIP presents carriers with a lucrative new opportunity if they market the service smartly. "It is important to remember that VoIP is a technology and not a product," says Becky Diercks, In-Stat analyst. "The product is telephone service, and customers don't generally care what the underlying technology is, as long as it works. Carriers should look at wireless VoIP as just one other manner in which to provide seamless access to customers."

The high-tech research firm has also found that:

• The greatest interest by survey respondents was in having the ability to make phone calls from a laptop computer, in allowing employees to make phone calls from a PDA, and in unified messaging, which allows (among other things) users to access e-mail messages from their voice mail boxes.  
  
• The number of cellular/WLAN subscribers will reach over 256 million worldwide by 2009, or roughly 12% of all cellular subscribers. By 2009, the numbers of subscribers using WLAN for voice is expected to exceed those using WLAN for data only.  
  
• Overall, about 60% of decision-maker respondents believed that it would be beneficial to have a solution that integrates the WWAN with the WLAN.

The report, "Demand for Wireless VoIP Applications and Services in the Business Environment" (#IN0501674MBM),provides an overview of the wireless VoIP market, particularly as it relates to the wireless WAN. It discusses interest in various wireless VoIP-enabled applications from the perspective of the business, as well as the end-user, and it provides subscriber forecasts for cellular/WLAN service users. To purchase this report, or formore information, please visit: http://www.in-stat.com/catalog/Wcatalogue.asp?ID=272

Interesting partnership between Borderware and 3Com that aims to bring an "all in one" security solution that encompasses email & data PLUS voice. This is perfect for the SMB (small to medium business) that can't afford a Network Security Manager. It apparently handles Denial of Service attacks as well.

Check out the email + two related releases.

A new development this week that will bring enterprise-grade email security within reach (cost-wise) of small and medium-sized businesses for the first time. BorderWare Technologies on Monday will announce a joint product with 3COM that provides enterprise-class email security (this is common criteria-certified technology from BorderWare that has been in use by 6000 worldwide government agencies and large companies for many years) - everything from anti-spam, anti-virus, DOS, and more - at a price affordable enough for small and medium businesses. Early customers are enthusiastic (and will talk), while analysts believe this will pose significant competition to more basic yet more expensive offerings by entrenched security vendors.

3Com and the 3Com logo are registered trademarks of 3Com Corporation. All other company and product names may be trademarks of their respective holders.

New Siemens SIP-based IP phones launched today.
Siemens optiPoint 420 Family of SIP Phones Has Programmable Self-Labeling Keys and Other Features to Improve Productivity and Reduce Costs of Moves, Adds and Changes BOCA RATON, Fla. — February 7, 2005 —
Siemens Communications, Inc., today announced a new line of IP telephones: the optiPoint™ 420 family. Adding to an extensive portfolio of easy-to-use, cost-effective and flexible telephone models, the Siemens optiPoint 420 phone family has programmable self-labeling key (SLK) technology that gives users rapid, real-time access to frequently needed features and lines. With adaptable, snap-on options – such as a touch-screen display module (DSM) – the optiPoint 420 family is designed to maximize user efficiency and help organizations reduce the costs of moves, additions and changes.
The optiPoint 420 family includes models designed to meet the needs of station users, from basic to advanced. With its new phone entry, Siemens is one of the few IP telephony system suppliers offering desktop telephones with a significant number of physical programmable line and feature buttons – 12 or 18, depending on the model – that do not require the use of a shift key. The optiPoint 420 family also integrates the advanced design elements of the optiPoint 410 series (full-duplex speakerphone and optiGuide™ usage prompts, for example) with the efficiency benefit of its SLK technology.
“Siemens understands that users prefer simple one-touch operation for line or feature access without needing to scroll through different display pages,” said Allan Sulkin, the founder and president of TEQConsult Group. “The optiPoint 420 family has programmable buttons that are designed with both easy-to-see classic red LED indicators and the current generation of alphanumeric SLK displays that eliminate paper labels for line appearance, feature name or speed-dial descriptions. This offers each user the flexibility to program any button to suit their preferences. In addition, the DSM provides a second display, unique in the industry, to program advanced information services – a supplement to the instrument’s integrated standard multi-line display reserved for traditional telephony services.” With support of Session Initiation Protocol (SIP) and the H.323 protocol, the optiPoint 420 family of phones is fully interoperable with Siemens HiPath® 3000 and 4000 systems as well as with the Siemens HiPath 8000 system and many other SIP-based systems within the enterprise, carrier and service provider markets. The optiPoint 420 family is part of a complete portfolio of Siemens IP telephone choices that can be tailored and mixed to meet specific organizational needs and requirements (visit www.usa.siemens.com/communications to view the full line of Siemens phones). Other advantages of the optiPoint 420 family of phones include:
•Centrally deployed program controls to help lower costs for moves, adds and changes: personnel are no longer needed to print and install paper labels, one phone at a time. Plus, end users can program and customize the self-labeling keys on their own, to meet the needs of their work.
•Up to 18 programmable, self-labeling keys that are part of the phone with the option to add up to two additional self-labeling key models (13 keys per module).
•Password protection for customized setups of self-labeling keys.
•Automatic transfer of key presets from station to station – ideal for desk-sharing environments.
•Dedicated display for telephony controls that are built into the phone, including optiGuide usage prompts.
•A separate (and optional) large-screen display adapter module for applications such as directories, browsing, voice-activated dialing and call logs.
•High voice quality with the addition of new headset accoustics and support of the G.722 codec that allows transmission of 8kHz voice instead of traditional toll-quality 4kHz voice.
•Full-duplex speakerphone.
•Simple feature updates via software downloads that further reduce maintenance costs and extend the life of the phone.

•USB and headset port.

•Multiple-language support. “The optiPoint 420 family of IP phones, along with the optiPoint 410 and 600 families, gives Siemens a portfolio of 10 unique enterprise options,” said Mark Straton, senior vice president of Marketing with Siemens Communications, Inc. “We now have more phone choices, a selection of modular additions and improved end-user controls. Our phones are deigned to help workers optimize day-to-day communication tasks and to help enterprises get the most out of their investments.” The optiPoint 420 family of phones will be available on display (Booth 409) at VoiceCon 2005, February 7-10, at the Walt Disney World Dolphin Hotel in Orlando, Fla.
About Siemens Siemens AG (NYSE:SI) is one of the largest global electronics and engineering companies with reported worldwide sales of $91.5 billion in fiscal 2004. Founded more than 150 years ago, the company is a leader in the areas Medical, Power, Automation and Control, Transportation, Information and Communications, Lighting, Building Technologies, Water Technologies and Services and Home Appliances. With its U.S. corporate headquarters in New York City, Siemens in the USA has sales of $16.6 billion and employs 70,000 people throughout all 50 states and Puerto Rico. Eleven of Siemens' worldwide businesses are based in the United States. With its global headquarters in Munich, Siemens AG and its subsidiaries employ 430,000 people in 192 countries. For more information on Siemens in the United States: www.usa.siemens.com

Interesting Cnet article which talks about an alliance being formed by VoIP service providers called "VoIP Security Alliance" which aims to prevent VoIP spam, SPIT (spam over Internet telephony) or whatever you want to call it.
What's interesting is this quote, "With little evidence to suggest a problem, however, the 22 member companies of the VoIP Security Alliance run the risk of provoking the digital world's black hats."
Hate to break it to ya, but if black hats or spammers can make a buck via VoIP spam, then they're going to do it regardless of an organization/alliance being formed.
The almighty dollar and greed will drive VoIP spam.  Still, I do agree that this may be a case of crying wolf before the wolf has actually left its cage.  But everyone seems to be prognasticating VoIP spam will happen one day, so I suppose it's better to get the best minds in VoIP together and figure out what to do before it happens.
Now if only the SMTP designers better thought out the potential for email spam... Then life would have been good...
Alliance wants to beat spam to Net phones | CNET News.com

I’ve been using MTGoogleSearch for Related Entries on my MovableType blog - and unfortunately some of the related entries have UTF-8 characters in the URL titles which changes my webpage’s default iso-8859-1 encoding to UTF-8. If at least one of the Related Entries URL titles has a UTF-8 character, this causes funky characters to display in the blog body. That is, all of my em-dashes, quotes, apostrophes, etc. in the blog body are messed up. Even though I explicitly specify the encoding in the template to be iso-8859-1, I guess MT actually encodes the and saves the file in UTF-8 format. Even though I explicitly specify the encoding (using <$MTPublishCharset$>) in the template and it's set to be iso-8859-1 within mt.cfg, I guess MT actually encodes and saves the file in UTF-8 format due to the UTF-8 characters returned by MTGoogleSearch. Interestingly, when I View Source in Notepad and do a Save As, it displays UTF-8 in the filetype instead of the usual ANSI.

with

http://blog.tmcnet.com/blog/testblog/main-test2.asp (deleted MTGoogleSearch/Related Entries from template)

Same page – I just deleted MTGoogleSearch code from the template.

Notice the funky characters in the first one.

I could probably re-encode all my posts (ISO-8859-1) to UTF-8, but that’s a huge hassle. At least, I think it is. I tried changing MovableType’s default encoding to UTF-8 and rebuilt my site, but then my posts within the MT database had even more funky characters. I'd have to go into each blog post (in the hundreds) and fix all the funky characters and re-save. Uhhh no thanks.

There should be a way of forcing MTGoogleSearch to strip UTF-8 characters or just ignore them without changing the page’s encoding.

Grrr!!! For now I removed the MTGoogleSearch Related Entries feature from my home page, but I'll leave it on the individual blog posts. For some reason UTF-8 characters appear much more often on my main MT template than my individual archive template.

Update! 04/20/2005
I found an alternate solution to strange characters showing up in my blog. The solution is to download the MTStripControlChars plugin This fixed most of the weird characters, but not all of them. I customized the MTStripControlChars file to add other character mappings such as copyright symbols, registered trademarks, letter 'e' with an accent (é), and other mappings. I had to break out the old ASCII chart of characters and perform some decimal to Hexidecimal conversion which was then added to the MTStripControlChars.pl file. Then you simply put <$MTEntryBody strip_controlchars="2"$> into various locations in the blog's template and presto bango it works!

(Essentially it translates the (would-be) Windows-1252 characters into the corresponding Unicode numeric entities.)

65% Performance Boost & 10GigE Support Demonstrate Benefits of Open Arroyo OnDemand Architecture 

PLEASANTON, Calif. - February 7th, 2005 - Arroyo Video Solutions, Inc., which recently unveiled its first product, Arroyo OnDemand, - an industry-leading, open architecture solution for video on demand (VOD) - is today announcing two industry firsts. First, Arroyo is announcing support for native 10Gigabit Ethernet (10GigE) interfaces, delivering unprecedented levels of scalability to meet ramping VOD demand. Second, surpassing its own record 3,000 streams/industry-standard server, Arroyo OnDemand running on the latest industry-standard Intel hardware is now able to deliver up to 5,000 3.75Mbps video streams per 3RU (rack unit) server, a new industry record.

"Arroyo stands for industry leading solutions delivered on 100% open architecture hardware platforms," said Arroyo's President and CEO Kim Kelly. "Taking advantage of the latest volume server platforms from Intel, we are now able to deliver up to 5,000 streams per server and 65,000 streams per rack, almost twice the performance of the proprietary hardware platforms our competitors offer."

"As their performance requirements grow, video operators are moving rapidly from 1GigE- to 10GigE-based transport architectures," added Arroyo's Co-founder and CTO Paul Sherer. "By integrating 10GigE boards built by other vendors into our industry-standard platform, we are able to easily and rapidly respond to operators' needs for speed, performance and scalability. Competitors offering proprietary platforms simply cannot keep up with the advancements the computer industry delivers - nor with the needs of the operators."

10GigE Transport Scales VOD Networks
The accelerating popularity of VOD is imposing rapidly increasing loads on operators' networks. 10Gigabit Ethernet technology offers a 10-fold scaling in capacity versus 1 Gigabit Ethernet, enabling a single fiber to carry up to 2,500 3.75Mbps video streams and reducing the number of network paths operators have to manage by 10-fold. Combined with its rapidly improving prices, this scalability and manageability are making 10GigE the technology of choice for operators' video transport requirements.

Arroyo is the first vendor to offer native 10GigE support for VOD. Native 10GigE support delivers hard dollar savings for operators, as well as making on-demand networks far easier to manage and to scale. Arroyo's Video Platforms are uniquely suited to 10GigE support because of their industry-leading performance. Able to deliver up to 5,000 3.75Mbps video on demand streams per industry-standard server, each Arroyo Video Platform can fill two 10GigE network interfaces.

With a choice of 10GigE interface boards available from the networking industry, it took Arroyo just a few months to integrate support for 10GigE into Arroyo OnDemand. Plus, operators choosing Arroyo OnDemand gain tremendously from the rapidly improving price performance of industry-standard 10GigE technology. Equipping an Arroyo Video Platform with 10GigE interfaces costs less than $5,000 today, yet delivers savings more than 10 times as large.

Raising the Performance Bar
Running on Intel's latest volume hardware, Arroyo OnDemand now offers up to 5,000 3.75Mbps streams per 3RU industry-standard server, and up to 65,000 streams per rack. Equivalently, it delivers up to 1,250 15Mbps high-definition streams per server and up to 16,250 hi-def streams per rack. This figure effectively raises the bar for on-demand performance, offering almost twice the density of even the most proprietary competitors, about five times the performance per server of any vendor using industry-standard hardware and is a 65% increase from the record-setting 3,000 streams Arroyo OnDemand achieves running on previous generations of Intel servers.

Today's announcements demonstrate the powerful advantages of Arroyo's focus on open hardware. Operators choosing Arroyo can select the most appropriate servers and network interfaces based on their performance requirements and can mix and match these seamlessly. Operators can also be confident that as they expand and evolve their networks, they will stay at the forefront of technology and performance. And operators can be assured that new high performance capabilities can be integrated into existing networks easily, without expensive, disruptive forklifts which are characteristic of proprietary solutions.

About Arroyo Video Solutions
Headquartered in Pleasanton, California, Arroyo Video Solutions offers video operators a unique, network-centric on-demand architecture that uses 100 percent open-standard hardware platforms. The company's flagship product, Arroyo OnDemand, separates storage and streaming into different industry-standard servers and employs Arroyo Video Accelerator technology, which improves operational performance ten-fold over other leading video services companies.

Arroyo is a privately held company funded by leading Silicon Valley venture firms DCM - Doll Capital Management and Foundation Capital; and by Time Warner Investments and Comcast Interactive Capital, the investment arms of two of the nation's largest media companies. For more information, please visit www.arroyo.tv.

I received an email telling me about another IP-PBX from a company based out of Belgium. Packetbox is a turn-key software and hardware solution based on a customized Linux operating system.. It's called Packetbox, a preinstalled appliance that contains anti-spam, anti-virus solutions, ipsec for vpn's, groupware and a customized Asterisk solution with web based interface and flash panel. It provides a Windows compatible domain controller for user authentication & management, file & printer sharing and DHCP & DNS services. You can find more information about it at http://www.packetbox.net

The device retails at around 1000 Euro.

Yet another story putting a VoIP spin on the AT&T/SBC merger as well as all the other potential mega-telecom mergers happening.

AT&T buy shows how far voice calling has fallen | CNET News.com

Another interesting Instat research report you can buy claiming that wireline (a.k.a. landline) services continue to decline.  Heck, I could have told you that for free!  Between cell phones, and broadband VoIP ramping up, who needs landlines anyway? (911 issues not withstanding)

Check it out - they even cite VoIP in the research report...

Wireline Services Decline Continues for Telcos

SCOTTSDALE, Ariz., January 31, 2005 - Revenue from traditional wireline services will continue a steady decline over the next few years in the US, and carriers will have to promote other services to make up the difference, according to In-Stat (http://www.in-stat.com). US wireline voice service revenue will drop an average of 3.2% per year from 2003-2008, the high-tech market research firm forecasts.

"Consumer wireline voice services have been especially hard hit due to the growth of wireless voice services and increased competition among wireline service providers," says Daryl Schoolar, In-Stat analyst. "There are several services beyond just wireless that can offset declining service expenditures for traditional wireline services. These include IP Telephony, QoS for Internet access, IP VPN, managed security & firewall, and Telco TV."

In-Stat has also found that:

• Business expenditures will decline for wireline voice and data access/transport services due to adoption of Voice over IP and migration to lower-cost data services.  
  
• Internet access services, both consumer and business, however, remain an area of growth.  
  
• Providers of business services are going to have to start to think in a more consultative manner. Successfully selling in this environment requires a greater understanding of a customer's LAN, and a time commitment to seamlessly integrate the LAN and WAN together.

The report, "Wireline in Decline: US Wireline Services 2004" (#IN0401339TX),includes expenditure forecasts for the following services: consumer local and long distance voice, business local and long distance voice, consumer Internet access, business Internet access, Frame Relay, ATM, and private line. This report also contains broadband subscriber forecasts for both consumer and business users. To purchase this report, or formore information, please visit: http://www.in-stat.com/catalog/pcatalogue.asp?ID=37  

With "blockbuster telecom mergers" all the rage in the news and the blogosphere, I thought it would be worth sharing Instat's take on it...

Top Telecom Brands Battle it Out for Business: AT&T and Verizon Rank High

SCOTTSDALE, Ariz., February 1, 2005 - Today's business telecom marketplace is more competitive than ever.  Major providers, both fixed-line and wireless, are merging, cable operators are attempting to increase their reach into the business market and systems integrators are targeting the budding managed-services market.  As such, survival in this industry will hinge on products, prices and preference, and not necessarily in that order.  Recent In-Stat research, (http://www.in-stat.com), shows that key providers have already begun to carve out meaningful brand "footprints," or brand reach, in varying segments of the US business market and that customers have begun to develop a preference for a few key brands.  However, for the major telecom brands, like AT&T, increasing brand reach, and, more importantly, defending its position, will be critical to long-term success in the future.

"Marketing messages may be deafening buyers in the cacophony of vendors selling similar services.  Brand relevance is the only thing that will allow messages to truly resonate with customers today." says Kneko Burney, a Chief Market Strategist for In-Stat.  "To simplify their buying process, business customers are establishing 'preferred' vendor relationships and are focusing on buying multiple services from these preferred brands.  As a result, the top priority for providers today should be to establish closer, more preferred relationships with customers - not simply following the pack in pricing and/or new product introductions."  Burney emphasizes the importance of targeting and establishing preference among key segments: small business, mid-sized business, enterprise, and in specific vertical industries, not just with general business.

A recent survey by In-Stat has also found that:

• AT&T Wireless and AT&T (wireline only) were the top ranked national brands in all business segments. Of more interest, Verizon appears to be emerging as a major contender from the brand reach perspective, even in the broader national market.  
  
• Of the regional operators, BellSouth appears to be the most preferred brand in its region across all sizes of businesses. In contrast, MCI is commonly perceived by business decision-makers as "unstable financially."  In the middle market, in particular, more than one-third, 35%, of respondents indicated such.
  
• Across segments, the AT&T brand was the best-defined and generally associated with leadership.  However, because this company has such dominant brand reach already, it is definitely vulnerable to attack from emerging or expanding brands, particularly Sprint, Verizon and SBC.

The report, "Darwin Laughs: Exploring Brand Preferences for Network and Managed Services in the US Business Market, Part Four: US SOHO Businesses (1 to 4 Employees)" (#IN0401320SH),examine several aspects of key telecom and competitive provider's brands in the US business market: reach, value, preference and perception. The combination of these is believed to give insight into the potential success or failure of providers in this market in the long-term. Brand perception data is presented for each of the providers. To purchase this report, or formore information, please visit: http://www.in-stat.com/catalog/Ecatalogue.asp?ID=43

Email Apocalypse?

Inspired, I wrote a "war dialer" program that dialed all the local phone numbers in the surrounding area in search of a modem signal. The program would start at a number; say 555-0000 and then increment by one to 555-0001, then 555-0002 and so forth in search of modems. It was a slow program, taking days to call all the local numbers. While I never actually broke into any government systems, hundreds of people must have thought they just received a hang-up prank call. My motives were harmless. I was just curious to explore unknown computer systems via my 1,200-baud modem.

DANGEROUS DIALER
The recent news about the Code Red worm and its ability to "dial" IP addresses, searching for vulnerable IISs made me think of this program. Essentially the Code Red worm calls an IP address, scans for the vulnerability, dumps its payload and then moves onto the next IP address. When an IIS becomes infected with the newer Code Red II worm, it will actually scan IP addresses in the same "local" subnet to more quickly scan and find more IISs. Matthew Broderick's character in War Games would have had a field day with such a tool, which can scan for thousands of computers much faster than either of our war dialer programs.

Many people have read about the Code Red worm in the news, but I doubt most realize the impact this worm has had or will have on the Internet. No doubt some hacker is going to improve upon the design of this worm and truly cause chaos on the Internet. The worm in its current form is insidious due to its self-replicating nature and its ability to hog bandwidth. Newer variants even leave a "back door" which a hacker can use to steal data.

Several experts warned that the Code Red worm would bring down the Internet. This didn't happen, but the impact of the Code Red worm should not be understated. Several ISPs, including AT&T, Qwest, Optimum Online, and others reported disruptions due to the Code Red worm. Reportedly, the Bank of America was forced to shut down its intranet routers for at least a day, leaving the entire bank without Internet service. Even government and military computers have not been immune from this worm. Although I'm sure none of the mission-critical machines are connected directly to the Internet, it still gives me the chills to think that someone could infiltrate our government and military computers utilizing worms.

PREVENTION
I believe that something needs to be done to help minimize these types of attacks. It would be a fruitless exercise to expect bug-free software, so there will always be vulnerabilities that hackers will exploit. However, I believe that the tools to detect Denial of Service (DoS) attacks and the ability to find out who the offending DoS IP addresses belong to is sorely lacking. It's true that a seasoned network engineer can discern an attacking IP address, then do a "whois" lookup to find out to whom it is registered. Unfortunately, this is a manual process and often times the IP address is registered to the ISP and not the actual user.

The Code Worm virus infected over 400,000 IIS servers. How can ISPs quickly inform 400,000 people that their IIS has been compromised and that it is flooding the Internet with packets in its attempt to find and attack other machines? The ISPs can't do it, so that leaves it up to each individual person to have the knowledge to detect and know that their system has either been compromised or is being attacked.

Unfortunately, not everyone who manages a Web server, IIS or otherwise, is experienced in networking. Their Web server could be "slow" due to DoS attacks and the IT department may have no idea what is going on. They may think it's the ISP's fault or that there is heavy traffic on the Web, and not consider that their Web server has been compromised. Unless they know about the "netstat" command, have a packet sniffer, or know how to read the log files, they often are flying blind.

Microsoft is partly to blame for this. They've made installing a Web server as simple as installing Windows NT or 2000 and then installing an IIS which comes included on the CD. Providing a turnkey Web server is great, but it can be dangerous in the hands of a novice. Microsoft needs to provide better tools with an IIS for novice Web server administrators to ensure proper security. Such tools can include a reporting utility showing "hack attempts by IP address," as well as a real-time alerting system if a DoS attack has occurred.

NO ONE IS IMMUNE
My own broadband cable provider was not immune from the Code Red worm. For over a week, the receive and transmit lights on my cable modem were on constantly. At first I thought someone was trying to attack my home network. But even with all of my PCs off, the cable modem has constant high activity. I received an e-mail from my broadband provider informing me that the Code Red worm was flooding the shared cable broadband network. In fact, at times it was so bad I could not access the Web at all.

The Internet has become a critical communications medium for all kinds of applications. E-commerce, VoIP, e-mail, Web sites, instant messaging, ASPs, and more depend on the Internet. It's a wonder how we ever lived without it. Unfortunately, the Internet is like the Wild, Wild West, providing an expanse which allows hackers to hide in complete anonymity. Hackers can cause damage and there isn't much we can do to prevent it from happening, or to even catch those who do it.

WHEN IP ADDRESSES ATTACK
I have a suggestion for Microsoft and other manufacturers of Web servers that might help lessen the impact that the next Code Red worm can have on the Internet. But before I get into that, let's look at how someone is notified that they are inadvertently DoS attacking someone else. As we all know, everyone who logs onto the Internet has an IP address. Let's assume PC-A with IP address 198.1.1.1 has been infected and is performing a DoS attack on PC-B having IP address 200.1.2.3. Fortunately, the Webmaster for PC-B has noticed the DoS attack and has found the IP address of the attacking PC (198.1.1.1). He then goes to www.internic.net/whois.html to look up who owns 198.1.1.1. The whois query returns with the name of the company, the person responsible, an e-mail address and a phone number. He calls the person, tells him that his PC is infected and together they're able to solve the problem.

But wait, now PC-B is being attacked by a new IP address -- 193.3.2.1. He does a whois lookup, but the IP address is registered to UUNET, a major ISP for thousands of customers. He calls UUNET tech support and explains that one of their customers is infected with a worm and is performing a DoS attack on his PC. He asks the UUNET technician for the phone number of the customer so he may get in touch with the customer immediately to resolve the problem. Due to privacy restrictions, UUNET doesn't give out customer information. Instead, UUNET offers to contact the customer instead. Yeah right! I'm sure they'll get right on it. If only the Webmaster could send a message to the IP address (193.3.2.1) informing the person on the other end that they are performing a DoS attack.

INSTANT MESSAGE TO THE RESCUE
A recent survey estimated that 80 percent of users are utilizing some form of instant messaging. With the push for standardized, interoperable instant messaging, it is conceivable that a person can IM someone regardless of the platform that he running, (i.e., Windows, Mac, Linux).

My idea is to IM by IP address and not by some authenticated user account. Essentially, you are bypassing the IM provider, which normally performs the IP address translation for you. In our scenario, the Webmaster could open his favorite IM client and then type in the IP address of the attacking PC (193.3.2.1) to let the other party know he is infected with something.

Of course, my idea has some dangers as well. Imagine when spammers learn that they can IM you by using an IP address. They can put my little war dialer to shame. Also, the leading IM providers (AOL, ICQ, Yahoo!, Microsoft) would probably not want you to bypass their networks to send text messages. But I think I have a solution for both of these problems.

Today when you IM someone, you need their screen name or e-mail address. When you open your IM client, you are authenticated and the IM provider has a record of your current IP address, which was logged when you first authenticated onto the IM service. When you try to IM someone by their screen name or e-mail address, the request is forwarded to your instant messaging provider, who translates the screen name or e-mail address to the IP address of the person you are trying to reach and then forward the instant message to that IP address. Since the IM client is listening on a specific port number for messages, it can receive and display the message.

Now for my solution to prevent IM spam. I would like my hypothetical IM client to support two modes. The first mode is the traditional mode that accepts incoming messages from those who send a message from an "authorized" IM provider to your screen name (not your IP address). For example, if someone is logged into AOL and they IM me by my screen name, then they have the capability to send entire text messages with no restrictions.

The second mode is more restricted. It allows someone to IM me by my IP address, but it only lets the person send a numeric code. The numeric code sent can be pre-defined by some Internet standards body to correspond to various viruses, worms, and other critical alerts. Therefore, "code 1" could correspond to the Code Red worm, "code 2" could correspond to the SirCam virus, and so on. By only allowing numeric codes to be instant messaged when "dialing" directly via IP address, the user is protected from any IM spam and be instantly informed when they have been infected by something. IM providers probably couldn't care less that these simple numeric code alerts are routed directly to the IP address of the IM client rather than routed through the IM provider's network first.

Additionally, these special codes can be programmed on the IM client to play a special sound (such as a siren) or flash the screen with various colors. Flashing the screen might be important since not all Web servers have sound cards or speakers installed. It might be a good way to grab the attention of the Web server administrator.

ONE STEP FURTHER
To protect against pranksters sending false alarms, my idea could be extended even further. A running counter could be displayed on the screen to indicate the number of incoming "coded" IMs by IP address. If a Web server receives dozens of "code 1" alerts, all from different IP addresses, then no doubt this is a legitimate alert. Also, perhaps there could be something equivalent to the MAPS (Mail Abuse Prevention System) blacklist that keeps track of the IP address of pranksters who send false alerts. Or perhaps only ISPs with predetermined IP addresses are allowed to send these special numeric code alerts to IM clients? If the ISPs add the capability to detect DoS attacks and the like, they can program an automatic way of notifying their customers simply by IMing the customer's IP address.

In fact, this could be a value-added service that ISPs could provide. Notifying customers that there has been a security breach in the customer's systems could certainly be a profitable, high-margin value-add. By utilizing ubiquitous instant messaging technology, my idea would not be that hard to implement.

Let's face it, most people don't update their virus software on a regular basis and even the most diligent IT manager can't keep up with Microsoft's daily security patches. Sorry Microsoft, you deserve that one. Once an instant messaging standard is ratified, this could provide a valuable tool in the fight against fast-spreading worms and viruses. The Internet has become a critical tool in our business and personal lives. There will always be those who will exploit the anonymity of the Internet for personal gain. Let's just hope that technology will keep the bad guys in check and help to tame the Wild, Wild Web.

Some quick interesting news to share...

For Immediate Release Contact: Gregory L. Rohde
Feb. 3, 2005 202-292-4603
glr@e911institute.org


FCC Commissioner Kathleen Abernathy to Address Hill Forum to Address E9-1-1 Implementation and Federal Funding Shortage

Washington, D.C. FCC Commissioner Kathleen Abernathy will keynote a Hill forum sponsored jointly by the Congressional E9-1-1 Caucus and the E-9-1-1 Institute on Feb.10. Commissioner Abernathy will address implementation issues facing E9-1-1. Her address will be followed by panel discussion on implementation of 9-1-1 systems, with emphasis on the need for federal funding for E9-1-1 services.

"While we have seen regulatory leadership from the FCC in the E9-1-1 arena, the federal government has not provided much of any financial assistance to help advance E9-1-1," said Gregory L. Rohde, Executive Director of the E9-1-1 Institute. "So far, state and local governments, LECs, and wireless providers, bear the burden of funding E9-1-1 upgrades."

Last year, Congress passed legislation, the ENHANCE 9-1-1 Act of 2004, that authorized a new federal grant program and national coordinating office to advance E9-1-1 services. The grant program will help states and localities implement E9-1-1 systems. However, Congress has not yet provided the funding for the new program. "Congress provided a major step forward towards making E9-1-1 implementation a national priority last year with the passage of the ENHANCE 9-1-1 Act. Now the challenge is funding it," Rohde said.

Rohde noted that states are often not using funds which had had been allocated for 9-1-1- upgrades for that purpose. A Government Accountability Office report from November, 2003, found that 13 states and the District of Columbia used funds that should have gone for wireless E9-1-1 programs for other purposes. In February, 2004, New York State Comptroller Alan G. Hevesi reported the state diverted more than 40 percent of revenues from a cell phone surcharge that should have gone to E9-1-1 systems for other purposes. The ENHANCE 9-1-1 Act created incentives for states to stop the diversion of 9-1-1 funds that are collected from consumers for that specific purpose.

Following Commissioner Abernathy, there will be a panel discussion with Shawn Reese, of the Congressional Research Service; David Aylward, of the ComCare Alliance, which represents telecommunications companies, public safety agencies and medical personnel to encourage use of advanced telecommunications technology to save lives; and Richard Taylor, president of the National Emergency Number Association (NENA), which represents organizations to advance the use of 9-1-1 for emergencies.

The event will be Feb. 10, from 12:30 p.m.- 2 p.m. in Room 902 of the Senate Hart Office Building. RSVP to 202-293-4603 or to glr@e911institute.org

About the E911 Institute. The E9-1-1 Institute (www.e911institute.org) is a not-for-profit organization which provides administrative and policy support to the Congressional E9-1-1 Caucus. The purpose of the E9-1-1 Institute is to promote pubic education and awareness of E9-1-1 and emergency communications issues and serve the Congressional E9-1-1 Caucus as a clearinghouse of information on E9-1-1 and emergency communications issues. Gregory L. Rohde, former Administrator of the National Telecommunications and Information Administration, serves as the E9-1-1 Institute's Executive Director.