Justin Ryburn is the Field CTO at Kentik and works as a Limited Partner (LP) for Stage 2 Capital. Justin has 25 years of experience in network operations, engineering, sales, and marketing with service providers and vendors. In this conversation, we discuss startup funding, the challenges that organizations face with hybrid and multi-cloud visibility, the impact of AI on network monitoring, and explore how companies can build more reliable systems through proper observability practices.

Where to Find Justin
LinkedIn: https://www.linkedin.com/in/justinryburn/
Twitter: https://x.com/JustinRyburn
Blog: http://ryburn.org/
Talks: https://www.youtube.com/playlist?list=PLRrjaaisdWrYaue9KVLRdq5mlGE_2i0RT

Show Links
Kentik: https://www.kentik.com/
Day One: Deploying BGP FlowSpec: https://www.juniper.net/documentation/en_US/day-one-books/DO_BGP_FLowspec.pdf
Stage 2 Capital: https://www.stage2.capital/
Doug Madory's Internet Analysis: https://www.kentik.com/blog/author/doug-madory/
Netflix Tech Blog: https://netflixtechblog.com/
Multi-Region AWS: https://www.pluralsight.com/resources/blog/cloud/why-and-how-do-we-build-a-multi-region-active-active-architecture
AutoCon: https://events.networktocode.com/autocon/

Follow, Like, and Subscribe!
Podcast: https://www.thecloudgambit.com/
YouTube: https://www.youtube.com/@TheCloudGambit
LinkedIn: https://www.linkedin.com/company/thecloudgambit
Twitter: https://twitter.com/TheCloudGambit
TikTok: https://www.tiktok.com/@thecloudgambit
Doug Madory has been called “The Man Who Can See the Internet.” Doug has developed a reputation for identifying significant developments in the global layout of the internet. He joins us today to discuss his role in analyzing internet data to identify trends and insights. He shares his journey from a data QA position to...
Last month, during APRICOT 2025 / APNIC 59, the Internet Society hosted its first Pulse Internet Measurement Forum (PIMF). PIMF brings together people interested in Internet measurement from a wide range of perspectives — from technical details to policy, governance, and social issues. The goal is to create a space for open discussion, uniting both technologists and policy experts. In this second special episode of PING, we continue our break from the usual one-on-one podcast format and present a recap of why the PIMF forum was held, and the last 3 short interviews from the workshop. First we hear a repeat of Amreesh Phokeer's presentation. Amreesh is from the Internet Society and discusses his role in managing the Pulse activity within ISOC. Alongside Robbie Mitchell, Amreesh helped organize the forum, aiming to foster collaboration between measurement experts and policy professionals. Next we hear from Beau Gieskens, a Senior Software Engineer from APNIC Information Products. Beau has been working on the DASH system and discusses his PIMF presentation on a redesign to an event-sourcing model which reduced database query load and improved speed and scaling of the service. We then have Doug Madory from Kentik, who presented to PIMF on a quirk in how Internet Routing Registries (IRRs) are being used, which can cause massive costs in BGP filter configuration and is related to some recent route leaks being seen at large in the default-free zone of BGP. Finally, we hear from Lia Hestina from the RIPE NCC Atlas project. Lia is the Community Development Officer, and focusses on Asia Pacific and Africa for the Atlas project. Lia discusses the Atlas system and how it underpins measurements worldwide, including ones discussed in the PIMF meeting. For more insights from PIMF, be sure to check out the PULSE Forum recording on the Internet Society YouTube feed.
At the APRICOT/APNIC59 meeting held in Petaling Jaya in Malaysia last month, the Internet Society held its first PIMF meeting. PIMF, or the Pulse Internet Measurement Forum, is a gathering of people interested in Internet measurement in the widest possible sense, from technical information all the way to policy, governance and social questions. ISOC is interested in creating a space for the discussion to take place amongst the community, and bringing both technologists and policy specialists into the same room. This time on PING, instead of the usual one-on-one format of podcast we've got 5 interviews from this meeting, and after the next episode from Geoff Huston at APNIC Labs we'll play a second part, with 3 more of the presenters from this session. First up we have Amreesh Phokeer from the Internet Society, who manages the PULSE activity in ISOC, and along with Robbie Mitchell set up the meeting. Then we hear from Christoph Visser from IIJ Labs in Tokyo, who presented on his measurements of the "Steam" game distribution platform used by Valve Software to share games. It's a complex system of application-specific source selection, using multiple Content Distribution Networks (CDNs) to scale across the world, and allows Christoph to see into the link quality from a public API. No extra measurements required, for an insight into the gamer community and their experience of the Internet. The third interview is with Anand Raje, from AIORI-IMN, India's Indigenous Internet Measurement System. Anand leads a team which has built out a national measurement system using IoT "orchestration" methods to manage probes and anchors, in a virtual environment which permits them to run multiple independent measurement systems hosted inside their platform. After this there's an interview with Andre Robachevsky from Global Cyber Alliance (GCA). Andre established the MANRS system and its platform, and nurtured the organisation into being inside ISOC. MANRS has now moved into the care of GCA and Andre moved with it, and discusses how this complements the existing GCA activities. Finally we have a conversation with Champika Wijayatunga from ICANN on the KINDNS project. This is a programme designed to bring MANRS-like industry best practice to the DNS community at large, including authoritative DNS delegates and the intermediate resolver and client-supporting stub resolver operators. Champika is interested in reaching into the community to get KINDNS more widely understood and encourage its adoption, with over 2,000 entities having completed the assessment process already. Next time we'll hear from three more participants in the PIMF session: Doug Madory from Kentik, Beau Gieskens from APNIC Information Products, and Lia Hestina from the RIPE NCC.
Host Phil Gervasi, along with Kentik's Doug Madory, welcomes Darwin Costa of DE-CIX. Darwin shares his personal journey from aspiring pro soccer player in Angola to pioneering engineer at the forefront of global connectivity. Discover how he and his teams overcame daunting challenges to lay submarine cables that bridge continents, improve performance, and lower costs. Join us to learn how new infrastructure and strategies are bringing faster, more reliable Internet access to regions once left behind.
Hosts Phil Gervasi and Doug Madory talk with Andrew Sullivan, President of the Internet Society, about the crucial role of the Internet Society in maintaining an open and accessible internet for all. They dive into Andrew's extensive background with the IETF, the Internet Architecture Board, and his work with major networking vendors. Learn about the technical and policy challenges in keeping the internet globally connected and secure, the impact of government regulations, and the importance of ensuring that the internet remains a force for good in society.
Host Philip Gervasi talks with Doug Madory and Job Snijders about the importance of RPKI in securing Internet routing. They explore the recent milestone of RPKI covering 50% of IPv4 routes, the process of route origin validation (ROV), and the role of ROAs. They also discuss the impact of ROA expirations and future advances in Internet routing security. Tune in to learn how RPKI contributes to a more stable and secure Internet.
Submarine telecommunication cables have been in the news a lot lately with recent cable cuts in several parts of the world, most notably in the Red Sea in the spring of 2024. This kind of activity is certainly not good for global communications, but it has given rise to a new interest in how submarine cables actually connect the world and give us the internet we have today. There are over 500 active submarine telecom cables right now with new ones coming online soon running longer distances, with greater capacity, and connecting more geographic areas than ever before, so it goes without saying that they are also a growing attack surface for bad actors in the world. In this episode, host Phillip Gervasi is joined by Doug Madory, an expert in internet measurement and submarine cable activity. We dive into the implications of recent submarine cable cuts in the Red Sea, and discuss the critical role these cables play in global communication. We explore how cables are laid, repaired, and the unique challenges they face, including geopolitical tensions and natural hazards. Join us as we illuminate the complex, often unseen world of submarine telecommunication infrastructure.

Helpful links:
* https://www.kentik.com/blog/what-caused-the-red-sea-submarine-cable-cuts/
* https://www.kentik.com/blog/outage-in-egypt-impacted-aws-gcp-and-azure-interregional-connectivity/
* https://blog.cloudflare.com/undersea-cable-failures-cause-internet-disruptions-across-africa-march-14-2024
* https://www.reuters.com/world/africa/african-internet-outage-was-caused-by-subsea-cable-break-mainone-says-2024-03-15/
Our guest today is Doug Madory, the director of Internet analysis at Kentik. He shares his journey from being a curious kid who transcribed games from magazines to becoming a world-renowned expert in Internet measurement and data analysis. Doug explains what Internet analysis is and how he uses data to uncover the secrets and mysteries of the Internet infrastructure. He also talks about his work at various startups and companies, such as Renesys, Dyn, Oracle, and Kentik, and some of the patents and publications he has authored or co-authored. We discuss the value of asking questions, learning from mistakes, and supporting your salespeople. We also delve into the challenges and benefits of remote work, especially for new hires and interns, and how to network and connect with people at conferences.

"I'm here to lobby for the role of an analyst. Going into a data set and figure out what's interesting and be able to tell that story to other folks is, I think, an underappreciated skill set. I intend to be doing it until the day I die."

Doug's Links: LinkedIn, Twitter, Wikipedia

Thanks for being an imposter - a part of the Imposter Syndrome Network (ISN)! We'd love it if you connected with us on LinkedIn: https://www.linkedin.com/company/the-imposter-syndrome-network-podcast Make it a great day.
All of these African countries have suffered major internet disruption this month: Ivory Coast, Liberia, Benin, Ghana, Nigeria, South Africa, Namibia, Burkina Faso. This meant people couldn't do everyday things like post on social media, send money to each other or order taxis. It's because of damage to some of the underwater cables off the coast of west Africa. These cables, some only as thick as a garden hose, span thousands of miles and are responsible for most of the earth's internet access. BBC Africa business reporter Jewel Kiriungi tells us how the affected countries are dealing with being knocked offline. And internet infrastructure expert Doug Madory explains how exactly this vast network of cables works and what might have happened to cause the online blackout.

Instagram: @bbcwhatintheworld
WhatsApp: +44 0330 12 33 22 6
Email: whatintheworld@bbc.co.uk
Presenter: Hannah Gelbart
Producers: Julia Ross Roy, Alex Rhodes and Adam Chowdhury
Editor: Verity Wilde and Simon Peeks
We hear a lot about BGP security incidents--but what is really going on? How often do these happen, and how much damage do they do? Doug Madory, who monitors these things for Kentik, joins Russ White and Tom Ammon to talk about BGP security in the wild.
Understanding outages and shutdowns and how the Internet as a whole came to be vulnerable to, and also resilient against, these kinds of events requires more than a snapshot of the current state of affairs. In this episode, Jim Cowie talks about how historical measurement data can help us acquire a better understanding of the Internet.

01:40 - There's a nice, short introduction to Jim and his background right here.
03:11 - RIPE RIS
04:50 - Jim on the 2011 outage in Egypt
07:05 - Jim has since confirmed that the Renesys team was indeed using RIS BGP data since September 2001, though Routeviews remains another invaluable source of BGP data.
12:35 - Jim's presentation at CAPIF1
13:42 - Resilience of the Internet in Ukraine on RIPE Labs
15:30 - Jim on the Rogers Outage over on the Pulse blog
21:43 - Doug Madory on Cuba and the Geopolitics of Submarine Cables
31:30 - GEODE on the RIPE Labs podcast
33:30 - RIPE Atlas
Internet shutdowns are now the first page of the dictator's playbook. Control the lines of communication, and you can control the populace.

In this episode, Doug Madory of internet infrastructure analysts Kentik talks to host Chris Stokel-Walker about how leaders around the world crack down on freedom of expression online; what happens when these tools of control are utilised during major world events; and what ramifications internet shutdowns have for us all.

Find out more about ARTICLE 19's work and follow us on:
Twitter: https://twitter.com/article19org
Facebook: https://www.facebook.com/ARTICLE19org
LinkedIn: https://www.linkedin.com/company/article19/
Network AF welcomes Doug Madory back to the podcast to discuss current events, including Russia invading Ukraine, and recent internet-related issues in Syria and Egypt. Doug is Kentik's Director of Internet Analysis, and uses BGP and traffic data to write about happenings with networks on a worldwide scale. Together with Kentik CEO and show host Avi Freedman, the two dive into the real-world implication of geopolitical events on the state of networking.

Highlights of today's conversation include:
[01:35] The current situation in Ukraine
[05:30] Route-jacking, forcing traffic through unknown infrastructure
[09:24] What internet activity looks like in Ukraine now
[12:09] Egypt and the cable "cutting" event, discussing submarine consortium cables
[17:37] The paths of submarine and overland circuit connections, how it impacts the flow of internet access across countries
[22:20] Connectivity can be much more network topological than geographically topological
[25:36] Syria and shutting down the Internet as the new norm
DCD's Sebastian Moss talks to Doug Madory, the director of Internet analysis at Kentik, about the developing situation in Ukraine and Russia. We discuss telco disruptions, misinformation, false BGP hijacks, Cogent and Lumen's disconnection claims, whether Russia could drop off from the Internet, and more.
In this week's episode, you'll hear our host Avi and guest Doug Madory's conversation around internet analysis. Doug is the Director of Internet Analysis here at Kentik, with previous experience at Oracle and Dyn in the same role. Today he shares how he got into technology and his career in the Air Force. Doug later dives into what it's like building relationships with the press and working with them as an internet analyst. You'll get to hear about some of the essential stories highlighted throughout his career, as well. Listen now!
Director of Internet Analysis at Kentik, Doug Madory, joins the podcast to shed light on the mysterious appearance of unused IPv4 space belonging to the US Department of Defense: the strange connection to a Florida company now managing the world's largest honeypot; the odd Inauguration Day timing of this discovery; and why enterprise network defenders should pay very close attention.
Jeff writes, "Three Internet security experts have accused state-owned telecom giant China Telecom of diverting internal U.S. Internet traffic through China. The purpose, apparently, was corporate espionage." According to Doug Madory, an expert on Internet traffic at Silicon Valley software maker Oracle, China Telecom’s network sent out false signals that diverted Internet traffic supposedly bound for the Verizon network onto the China Telecom network. The traffic passed through Hangzhou and other Chinese cities, and this went on undetected for an incredible 30 months, from late 2015 through 2017, according to Madory.
After reading articles by Doug Madory, and by Louis Poinsignon, here are some notes I observed and learned.

[What happened in this incident?]

Hackers somehow made some BGP routers of “eNet” falsely announce that they own the following 5 IP subnets, which indeed do NOT belong to “eNet”. The true owner is Amazon. To be more specific, they are for Amazon’s Route 53 DNS name resolution services.

205.251.192.0/24
205.251.193.0/24
205.251.195.0/24
205.251.197.0/24
205.251.199.0/24

The registered domain server for domain “MyEtherWallet.com” is hosted on Amazon Route 53.

Hackers also somehow embedded a malicious DNS server (or servers, I really don’t know) inside the service network of “eNet”.

After that, any affected clients’ DNS query for domain “MyEtherWallet.com” would hit the hackers’ malicious DNS server. Of course, the malicious DNS server would respond with false IP addresses, and those false IP addresses are indeed the hackers’ own web servers.

At this moment, clients thought they were accessing “MyEtherWallet.com”, and they indeed were accessing the hackers’ web servers.

[Which clients are affected?]

I believe all clients inside “eNet”, and any clients in other Internet Service Providers who trusted “eNet”’s false announcements, would be affected as well.

[Network “eNet” should have been compromised for enough time]

To falsely announce BGP routes, we must either change configurations of hardware routers, or BGP route servers (maybe on Linux).

For me, to configure BGP correctly on a couple of Cisco routers is already a heavy task. It’s not easy. To modify existing BGP configurations to inject false announcements without getting noticed, or without breaking anything at the same time, is an even more difficult task for me.

I really don’t think it would be easier to achieve the same results by working on BGP route servers.

Moreover, hackers even embedded a DNS server inside “eNet”’s service network. I really believe hackers had already controlled most of the hardware routers and some hardware servers, maybe for quite a long time, long enough for them to do all such modifications.

I really think some hackers involved in this incident are quite skillful at network hardware, maybe Cisco’s or Juniper’s. They could also be CCIEs.

[BGP Injection, instead of BGP Leak]

So, the last thing I want to say is, I would rather call this incident BGP injection, instead of BGP leak.

Why?

If I hear someone say BGP Leaks, I would feel maybe some unknown bugs inside the BGP protocol or some configuration errors caused this incident. As far as I understand now, I really think the false BGP announcements are “intentional”. I would rather say it is BGP Injection.

Although no strong security mechanisms are defined in the BGP protocol itself, in this case the BGP protocol is not to blame.

One more thing…

Amazon is also not to blame for this incident. Clients’ DNS query packets never reached Amazon at all.

I suggest Internet Service Providers should pay more attention to the security of their service infrastructure. Don’t become another “eNet”.

I also suggest Internet Service Providers should review their incoming BGP policy. In this case, some ISPs other than “eNet” were also affected because their BGP routers “trusted” “eNet”’s false announcements. They affected their own customers and forwarded that false information on at the same time.
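I learned of this incident from ITHOME. Drawing on the two articles by Doug Madory and by Louis Poinsignon, I will summarize what happened.

[The hackers' goal]

The hackers wanted to trick users of the MyEtherWallet.com website into connecting instead to a website the hackers had prepared.

Taking a browser as an example: when an unsuspecting user types "MyEtherWallet.com" into the browser's address bar and opens it, they believe they are connecting to the official servers. In reality, they are connecting to servers the hackers have prepared themselves.

Another piece of background: the MyEtherWallet.com service is hosted on the Amazon AWS cloud computing service. Its DNS resolution also directly uses the Route 53 service on Amazon AWS.

[What is Amazon Route 53?]

For ordinary users, Amazon Route 53 is simply a DNS resolution service. For website operators, however, Route 53 is an intelligent DNS resolution service.

Web servers are usually distributed all over the world. Route 53 can dynamically answer different clients' DNS requests with different IP addresses, based on the current load of each web server, whether it is online, or rules that have been specified. Put simply, it is a globally reachable load-balancing (Global Server Load-balancing) service provided by Amazon.

As additional background, the main public IP addresses of the servers that provide the Amazon Route 53 service fall within the following five public address ranges.

205.251.192.0/24
205.251.193.0/24
205.251.195.0/24
205.251.197.0/24
205.251.199.0/24

In other words, any user's computer, when resolving MyEtherWallet.com, sends DNS query packets to the DNS servers in these five address ranges.

[A quick review of the BGP protocol]

The job of the BGP protocol is to let the network hardware inside one operator, or between different operators, talk to each other and learn which network operator owns each IP address range (IP prefix).

This information about who owns which IP address range lets the operators' network hardware know to which next hop packets for different destination addresses should be sent.

Put simply, if network operator A claims to own IP address range X, all network hardware participating in BGP will send packets in the direction that approaches operator A. Therefore, if this information is wrong, packets will be sent in the wrong direction.

[What the hackers did]

The hackers found a way to make eNet, a US Internet service provider, impersonate Amazon through the BGP protocol and claim to own the routing information for the five Amazon Route 53 IP address ranges mentioned above.

In other words, the affected users' DNS resolution requests would instead be sent toward eNet's network.

My judgment is that hacker-prepared DNS resolution servers must also exist inside eNet's network, with IP addresses set to addresses within the five ranges mentioned above, so these servers can intercept the affected users' DNS resolution requests.

Of course, the resolution results returned by the hackers' servers are the IP addresses of the hackers' own prepared web servers. As far as is currently known, none of these hacker-prepared web servers are located in the United States.

In addition, for any other operator that believed the information eNet announced, its network users would suffer the same result as soon as they opened the MyEtherWallet.com address. So the hackers did achieve the goal they designed.

One more thing…

Although there is not yet enough evidence for a definite accusation, I am almost certain that the hackers had more or less taken control of the network operator eNet. Not only were they able to generate forged BGP information, they also planted a rogue DNS name resolution service inside eNet's network.

Therefore, choosing a sufficiently secure Internet service provider is actually far more important than one might imagine.

Also, although MyEtherWallet.com used various Amazon.com services, the whole hacking process actually had nothing to do with Amazon. The packets were sent off to the hackers' DNS service before they ever entered Amazon.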
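
The two sets of notes above describe other ISPs trusting a false origin for the five Route 53 prefixes and recommend reviewing incoming BGP policy. The following added example (not from either post or from any project mentioned on this page) shows how RPKI route origin validation, following the RFC 6811 procedure, would classify such announcements. The ROA and both AS numbers are constructed placeholders from the documentation ASN range, not the real registrations.

```python
import ipaddress
from dataclasses import dataclass

# Constructed placeholders (documentation ASNs, RFC 5398), not real registrations.
HOLDER_AS = 64496   # stands in for the legitimate holder of the prefixes
FALSE_AS = 64511    # stands in for the network making the false announcements

# The five prefixes listed in the notes above.
PAGE_PREFIXES = [
    "205.251.192.0/24", "205.251.193.0/24", "205.251.195.0/24",
    "205.251.197.0/24", "205.251.199.0/24",
]

@dataclass(frozen=True)
class ROA:
    prefix: str        # covering prefix authorised by the holder
    max_length: int    # longest prefix length the holder allows
    origin_as: int     # AS allowed to originate it (0 means "nobody")

# Constructed ROA: one covering /21 that contains all five /24s.
ROAS = [ROA("205.251.192.0/21", 24, HOLDER_AS)]

def validate_origin(prefix, origin_as, roas):
    """Return 'valid', 'invalid' or 'not-found' per the RFC 6811 procedure."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix)
        if net.version != roa_net.version or not net.subnet_of(roa_net):
            continue                      # this ROA does not cover the route
        covered = True
        if (roa.origin_as != 0 and roa.origin_as == origin_as
                and net.prefixlen <= roa.max_length):
            return "valid"
    # Covered by at least one ROA but matched by none: wrong origin or too specific.
    return "invalid" if covered else "not-found"

def apply_import_policy(announcements, roas):
    """Drop 'invalid' routes; accept 'valid' and 'not-found' (common ROV policy)."""
    accepted, rejected = [], []
    for prefix, origin_as in announcements:
        state = validate_origin(prefix, origin_as, roas)
        (rejected if state == "invalid" else accepted).append((prefix, origin_as, state))
    return accepted, rejected

def demo():
    # Constructed announcements: the holder's routes, the same prefixes from the
    # wrong origin, an over-specific route, and an unrelated documentation prefix.
    announcements = [(p, HOLDER_AS) for p in PAGE_PREFIXES]
    announcements += [(p, FALSE_AS) for p in PAGE_PREFIXES]
    announcements += [("205.251.199.0/25", HOLDER_AS), ("198.51.100.0/24", FALSE_AS)]
    return apply_import_policy(announcements, ROAS)

if __name__ == "__main__":
    accepted, rejected = demo()
    for row in accepted:
        print("accept", row)
    for row in rejected:
        print("reject", row)
```

Origin validation only checks the origin AS against published ROAs, so it helps a receiving network only when the prefix holder has published ROAs and the receiver actually drops invalid routes.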