Internet background noise


Internet background noise consists of data packets on the Internet which are addressed to IP addresses or ports where there is no network device set up to receive them.
These packets often contain unsolicited commercial or network control messages, or are the result of port scans and worm activities.
Some DSL modems have a hard-coded IP address to look up the correct time.

Historical context

In the first 10 years of the internet, there was very little background noise but with its commercialization in the 1990s the noise factor became a permanent feature.
The Conficker worm in recent times was responsible for a large amount of background noise generated by viruses looking for new victims. In addition to malicious activities, misconfigured hardware and leaks from private networks are also sources of background noise.

2000s

As of November 2010, it is estimated that 5.5 gigabits of background noise are generated every second.
It was also estimated in the early 2000s that a dial-up modem user loses about 20 bits per second of their bandwidth to unsolicited traffic. Over the past decade, the amount of background noise for an IPv4 /8 address block has increased from 1 to 50 Mbit/s. The newer IPv6 protocol, which has a much larger address space, will make it more difficult for viruses to scan ports and also limit the impact of misconfigured equipment.
Internet background noise has been used to detect significant changes in Internet traffic and connectivity during the 2011 political unrest from IP address blocks that were geolocated to Libya.
Backscatter is a term coined by Vern Paxson to describe Internet background noise resulting from a DDoS attack using multiple spoofed addresses. This backscatter noise is used by network telescopes to indirectly observe large scale attacks in real time.