According to
http://www.nytimes.com/aponline/technology/AP-TechBit-Wikipedia-Block.html
all of Qatar appears on the net as a single IP address. I don't know
if it's NAT or a proxy that you need to use to get out to the world,
but whatever the exact cause, it had a predictable consequence -- the
entire country was barred from editing Wikipedia, due to abuse by
(presumably) a few people.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Half related, the amazing Steven Murdoch did some traffic analysis on a
similar issue, trying to detect machines behind the annonyzing Tor network.
"By requesting timestamps from a computer, a remote adversary can find out
the precise speed of its system clock. As each clock crystal is slightly
different, and varies with temperature, this can act as a fingerprint of
the computer and its location."
ftp://ftp.fortunaty.net/video/23c3/wmv/timeskew2-t2s1.wmv
http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html
Anyone remember CAIDA's study on the crystals for detecting machines
through NATs?
http://www.caida.org/publications/papers/2005/fingerprinting/KohnoBroidoClaffy05-devicefingerprinting.pdf
Another good lecture on traffic analysis at CCC, which was an
introduction by George Danezis:
http://events.ccc.de/congress/2006/Fahrplan/attachments/1185-DanezisTAIntro.pdf
Gadi.
I wonder what they use the other 241663 addresses for.
Internal addressing, perhaps, if the AP story is correct.
Honeypots?
(As I noted, there might also be a port 80 packet filter, combined with
an official web proxy that can get out.)
--Steve Bellovin, http://www.cs.columbia.edu/~smb
I think I read at Wikipedia that this is their proxy-servers IP address (or proxy server farm probably).
Also, the only thing that was stopped was anonymous editing, editing after login and anonymous reading wasn't stopped.
Le Wed, Jan 03, 2007 at 07:07:22PM -0500, Joseph S D Yao a �crit :
> I wonder what they use the other 241663 addresses for.
Internal addressing, perhaps, if the AP story is correct.
Servers maybe ? I hope that they are not NATed.
Taping devices may need a separate management address too 
> all of Qatar appears on the net as a single IP address.
I wonder what they use the other 241663 addresses for.
Same as you.
To address the many machines and networks in Qatar.
The existence of a NAT gateway to one portion of the
Internet does not remove the need for registered IP
addresses. They are still needed to avoid addressing
conflicts in the portion of the Internet which is
not behind the gateway.
--Michael Dillon
Whatever.
The point is that IF it's true that they NAT (or proxy) the whole country, it's not because of lack of addresses. In other words, whatever ill effects befall them as a result, they only have themselves to blame.
By the way, I have two different .qa domain names in my WWW logs, one with "proxy" in it and one with "nat" in it...