[atlas] Spoofing measurenments
- Previous message (by thread): [atlas] Spoofing measurenments
- Next message (by thread): [atlas] Spoofing measurenments
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jen Linkova
furry13 at gmail.com
Tue Nov 17 18:00:08 CET 2015
On Tue, Nov 17, 2015 at 5:50 PM, Pavel Odintsov <pavel.odintsov at gmail.com> wrote: > I'm writing from RIPE71 / Anti spoofing BoF. So I want to ask for some > difficult ethical question. > > Could we detect probe hosts who do not deploy outgoing filtering and > accept spoofed traffic? > > We need to know amount of they. It's really important for solving > spoofing issue in Internet scale. It's been discussed before and some ethical concerns have been raised by RIPE NCC. >From pure technical point of view I think it might be possible some data for Ipv6 (with some false negatives): - a probe could generate ULA prefix for itself and send traffic from that ULA source to, let's say, some anchors (or some other pre-defined target which is known for allowing packets from ULA sources). Receiving such packet from a probe would prove tat there is no BCP38 filtering on the path (however blocking packets proves only the fact that ULAs are being blocked, not real spoofed packets). Or maybe a probe might get a GUA IP address from RIPE prefix and use it as a source.. As bi-directional communication is not necessary, any source address would work. > > -- > Sincerely yours, Pavel Odintsov > -- SY, Jen Linkova aka Furry
- Previous message (by thread): [atlas] Spoofing measurenments
- Next message (by thread): [atlas] Spoofing measurenments
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]