"Everyone should be deploying BCP 38! Wait, they are ...."

Dobbins, Roland rdobbins at arbor.net
Wed Feb 19 00:56:28 UTC 2014

On Feb 19, 2014, at 4:52 AM, Tony Tauber <ttauber at 1-4-5.net> wrote:

> maybe we should conclude that most of the spoofing is coming from somewhere else; perhaps including colo and cloud providers.

My theory - not yet backed by data - is that probably most spoofed traffic these days does in fact emanate from IDC networks, and that a non-trivial proportion of same emanates from a relatively small number of such networks.

In many cases, it's possible to put 'naked' hosts on home broadband connections, however - and how common that is, and what proportion of those broadband access networks don't run any form of anti-spoofing, is an open question.

Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

More information about the NANOG mailing list