Spoofer Project

Jean | ddostest.me jean at ddostest.me
Wed Aug 9 22:19:11 UTC 2017

Is it me or NANOG's AS allowing spoofing?


On 17-08-03 09:19 PM, Matthew Luckie wrote:
> Hi,
> The CAIDA Spoofer project has been collecting and publicly sharing
> data on the deployment of source address validation since March 2016.
> We've built up a reasonably large install-base of the open-source
> client, and receive tests from 400-500 unique IPs per day.  We're
> posting reports with links to test outcomes on the spoofer website.
> In particular, we've got summary statistics for each AS at:
> https://spoofer.caida.org/as_stats.php
> If you know an operator for anyone on that list who has at least one
> spoofable prefix, please feel free to reach out to them and let them
> know.  I've been sending emails to abuse contacts for nearly a year
> now.  Roughly 1/5 ASes I've contacted have fixed at least one problem.
> The remediation we know about (automatically generated) is at:
> https://spoofer.caida.org/remedy.php
> In order to improve the notification emails, I'm also soliciting
> configuration snippets from operators who have deployed source address
> validation.  If you have deployed SAV and wouldn't mind sharing
> redacted configuration (privately is fine) including any necessary
> platform details (such as vendor and operating system) we would
> greatly appreciate it.  We will aggregate and post configuration
> snippets at https://spoofer.caida.org/
> Matthew

More information about the NANOG mailing list