The void - an interesting place for network security monitoring

The Internet void, under normal conditions, is a boring place because it is free of any content, but by deeply inspecting a "black-hole" monitoring data set, surprising results appear. A question that arises is, why is there traffic, what are possible security impacts and is it there on purpose or mischance. In this paper, we highlight some examples from our journey to the noise of the Internet which range from badly configured systems to various unexplained events and to leaked sensitive data.



  • Cynthia Wagner, Fondation RESTENA, CSIRT
  • Alexandre Dulaunoy, CIRCL-Computer Incident Response Center Luxembourg
  • Gérard Wagener, CIRCL-Computer Incident Response Center Luxembourg
  • Marc Stiefer, Fondation RESTENA, CSIRT

Part of session

Fighting network threats

Related documents