Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)

• Previous message (by thread): Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)
• Next message (by thread): Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Christopher Morrow:

> On Sun, Aug 11, 2013 at 11:40 AM, Florian Weimer <fw at deneb.enyo.de> wrote:
>
>> Apparently, they're implementing DNS proxy by destination-NATting, and
>> because they listen also on the WAN interface, they get the source
>> address wrong.
>>
>> This is quite scary.
>
> which part? the fact that most NAT implementations on CPE are crap? or
> the spoofing bit?

The spoofing bit.  Among other things, it makes the impact of CPE
crappiness non-localized.

• Previous message (by thread): Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)
• Next message (by thread): Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]