Spoofer Report for NANOG for Mar 2022

• Previous message (by thread): Ready to compromise? was RE: V6 still not supported
• Next message (by thread): Something observed while doing IRR cleanup (generic name collisions)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In response to feedback from operational security communities,
CAIDA's source address validation measurement project
(https://spoofer.caida.org) is automatically generating monthly
reports of ASes originating prefixes in BGP for systems from which
we received packets with a spoofed source address.
We are publishing these reports to network and security operations
lists in order to ensure this information reaches operational
contacts in these ASes.

This report summarises tests conducted within usa, can.

Inferred improvements during Mar 2022:
ASN    Name                                           Fixed-By
36289  VALORCHRISTIANHIGHSCHOOL-01                    2022-03-11

Further information for the inferred remediation is available at:
https://spoofer.caida.org/remedy.php

Source Address Validation issues inferred during Mar 2022:
ASN    Name                           First-Spoofed Last-Spoofed
54825  PACKET                            2016-04-15   2022-03-14
209    CENTURYLINK-US-LEGACY-QWEST       2016-08-16   2022-03-24
6128   CABLE-NET-1                       2016-09-03   2022-03-14
20412  CLARITY-TELECOM                   2016-09-30   2022-03-31
6181   FUSE-NET                          2016-10-10   2022-03-25
1403   EBOX                              2016-11-12   2022-03-17
22898  ATLINK                            2016-12-16   2022-03-30
812    ROGERS-COMMUNICATIONS             2017-01-04   2022-03-15
701    UUNET                             2017-06-14   2022-03-24
63296  AWBROADBAND                       2017-09-01   2022-03-22
33452  RW                                2018-09-19   2022-03-26
8047   GCI                               2019-04-11   2022-03-10
5078   ONENET-AS-1                       2020-04-06   2022-03-22
398836 NP-NETWORKS                       2021-03-12   2022-03-25
56207  Converge                          2021-03-26   2022-03-31
22191  WILKES-COMM                       2021-06-25   2022-03-13
399318                                   2021-08-29   2022-03-15
63457  EMPIRE-CONNECT                    2021-09-08   2022-03-31
212934 AS_POTVIN                         2021-10-03   2022-03-22
22773  ASN-CXA-ALL-CCI-22773-RDC         2021-10-24   2022-03-31
394437 PSLIGHTWAVE                       2021-12-02   2022-03-12
62887  WHITESKY-COMMUNICATIONS           2021-12-03   2022-03-17
54201  WEWORK-MANAGEMENT-LLC             2021-12-16   2022-03-23
7896   NU                                2022-01-12   2022-03-11
31939  GM-ATL                            2022-03-03   2022-03-03
36289  VALORCHRISTIANHIGHSCHOOL-01       2022-03-08   2022-03-10
399065 DEFASTLINK                        2022-03-12   2022-03-27
19752  HYDROONETELECOM                   2022-03-13   2022-03-13
398371 ORANGE-COUNTY-BROADBAND-AUTHOR    2022-03-13   2022-03-13
32035  CCDT                              2022-03-14   2022-03-14
47027  SEASIDE-COMM                      2022-03-22   2022-03-22
33696  NEXTARRAY-ASN-01                  2022-03-30   2022-03-30

Further information for these tests where we received spoofed
packets is available at:
https://spoofer.caida.org/recent_tests.php?country_include=usa,can&no_block=1

Please send any feedback or suggestions to spoofer-info at caida.org

• Previous message (by thread): Ready to compromise? was RE: V6 still not supported
• Next message (by thread): Something observed while doing IRR cleanup (generic name collisions)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]