Jean | ddostest.me
jean at ddostest.me
Wed Aug 9 22:19:11 UTC 2017
Is it me or NANOG's AS allowing spoofing?
On 17-08-03 09:19 PM, Matthew Luckie wrote:
> The CAIDA Spoofer project has been collecting and publicly sharing
> data on the deployment of source address validation since March 2016.
> We've built up a reasonably large install-base of the open-source
> client, and receive tests from 400-500 unique IPs per day. We're
> posting reports with links to test outcomes on the spoofer website.
> In particular, we've got summary statistics for each AS at:
> If you know an operator for anyone on that list who has at least one
> spoofable prefix, please feel free to reach out to them and let them
> know. I've been sending emails to abuse contacts for nearly a year
> now. Roughly 1/5 ASes I've contacted have fixed at least one problem.
> The remediation we know about (automatically generated) is at:
> In order to improve the notification emails, I'm also soliciting
> configuration snippets from operators who have deployed source address
> validation. If you have deployed SAV and wouldn't mind sharing
> redacted configuration (privately is fine) including any necessary
> platform details (such as vendor and operating system) we would
> greatly appreciate it. We will aggregate and post configuration
> snippets at https://spoofer.caida.org/
More information about the NANOG