BCP38.info
Dobbins, Roland
rdobbins at arbor.net
Mon Feb 3 07:22:19 UTC 2014
On Jan 29, 2014, at 3:03 AM, Jared Mauch <jared at puck.nether.net> wrote:
> Sure, but this means that network is allowing the spoofing :)
>
> What I did last night was automated comparing the source ASN to the dest ASN mapped to and reported both the IP + ASN on a single line for those that were interested.
This is pretty slick, relying upon broken CPE NAT implementations. It's the only way I've heard of to remotely infer whether or not a given network allows spoofing.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
More information about the NANOG
mailing list