This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/mat-wg@ripe.net/
[mat-wg] [atlas] "Spoofing" tests.
- Previous message (by thread): [mat-wg] New on RIPE Labs: RIPE Atlas Anchors: Summary and Next Steps
- Next message (by thread): [mat-wg] RIPE NCC is Migrating the RIS Dashboard to RIPEstat
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andrei Robachevsky
robachevsky at isoc.org
Wed Sep 18 08:37:34 CEST 2013
[copying mat-wg, since it is about measureents] Lorenzo Colitti wrote on 9/18/13 6:42 AM: > On Sun, Sep 15, 2013 at 11:57 AM, Randy Bush <randy at psg.com > <mailto:randy at psg.com>> wrote: > > then again, if you think most of the botnets are behind broadband home > networks, it makes an interesting sample. compare spoof density of > natted vs un-natted. but then, how you gonna spoof from behind a nat? > > > Just send the packet? > > I expect a nontrivial proportion of NATs will just say "Source address > not in 192.168.1.0/24 <http://192.168.1.0/24>? Cool, don't have to NAT! > Just pass it along." :-) If only we had data ;). It would be interesting, indeed, to see how feasible spoofing is in a natted environment, broadband access networks in particular. It seems that this is the case where spoofing may cause serious problems to the provider itself, as opposed to someone else in the Internet. So, one could assume that even if there are NATs that allow this stupid thing, there maybe DOCSIS SAV and other safeguards in the BB provider provisioning system. Andrei
- Previous message (by thread): [mat-wg] New on RIPE Labs: RIPE Atlas Anchors: Summary and Next Steps
- Next message (by thread): [mat-wg] RIPE NCC is Migrating the RIS Dashboard to RIPEstat
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ mat-wg Archives ]