This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[atlas] Spoofing the source IP address from a probe?

Previous message (by thread): [atlas] Spoofing the source IP address from a probe?
Next message (by thread): [atlas] Spoofing the source IP address from a probe?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrei Robachevsky robachevsky at isoc.org
Mon Jul 29 17:28:37 CEST 2013

Alex Saroyan wrote on 7/18/13 8:53 AM:
> Hi,
> 
> I think some hosts would like theirs probes to be used for "source IP
> spoofing" check, and only such probes could be used for this particular
> type of check.
> If RIPE Atlas team implement such features then probably many hosts will
> "enable" "Source IP spoofing check ability" on theirs probes and that
> can serve for community at the end.

I support this point of view. I think controlled (anti-)spoofing
measurements performed by the RIPE NCC with the consent of participating
probes would be a good service to the community. I understand that a
certain percentage of probes is sitting behind NAT where spoofing won't
work in most cases, but there is hopefully a significant number of
probes that are connected directly.

Regarding the problem itself we are tackling here, we published a follow
up to the panel we held at RIPE66:
http://www.internetsociety.org/doc/anti-spoofing-continuing-dialogue.
Hope this helps raising awareness of the issue further.


> Of course overall mechanism should be in a way not make anyone to
> suspect that probe can do spoofing by default or probe can do any
> harmful thing.
>

Agree,

Andrei


> Alex Saroyan
> 
> On 06/12/2013 10:37 PM, Daniel Karrenberg wrote:
>> On 12.06.2013, at 17:44 , Joe Provo <jzp-ripe at rsuc.gweep.net> wrote:
>>
>>> I would encourage those in the community who wish to be
>>> performing individual spoof testing (or instruct others how
>>> to do so) to use the easy-peasey pointy-clicky CAIDA/CSAIL
>>> tool: http://spoofer.cmand.org/
>>> (also spoofer.csail.mit.edu, spooftest.net, etc etc)
>> Seconded. Using this something like this  is a conscious decision of
>> the user. I have personally run Robert Beverley's probes regularly for
>> many years and I am proud to say that both my broadband providers have
>> never allowed source address spoofing. This involves a conscious
>> decision on my part taking into account local network etiquette, my
>> relation to my providers and the local legal situation. It is very
>> very different from the RIPE community deciding to use RIPE Atlas to
>> do this from my network.
>>
>> Daniel
> 
>

Previous message (by thread): [atlas] Spoofing the source IP address from a probe?
Next message (by thread): [atlas] Spoofing the source IP address from a probe?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ ripe-atlas Archives ]