This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[atlas] "Spoofing" tests.

Previous message (by thread): [atlas] "Spoofing" tests.
Next message (by thread): [atlas] "Spoofing" tests.

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrei Robachevsky robachevsky at isoc.org
Wed Sep 18 08:37:34 CEST 2013

[copying mat-wg, since it is about measureents]	

Lorenzo Colitti wrote on 9/18/13 6:42 AM:
> On Sun, Sep 15, 2013 at 11:57 AM, Randy Bush <randy at psg.com
> <mailto:randy at psg.com>> wrote:
> 
>     then again, if you think most of the botnets are behind broadband home
>     networks, it makes an interesting sample.  compare spoof density of
>     natted vs un-natted.  but then, how you gonna spoof from behind a nat?
> 
> 
> Just send the packet?
> 
> I expect a nontrivial proportion of NATs will just say "Source address
> not in 192.168.1.0/24 <http://192.168.1.0/24>? Cool, don't have to NAT!
> Just pass it along." :-)

If only we had data ;). It would be interesting, indeed, to see how
feasible spoofing is in a natted environment, broadband access networks
in particular. It seems that this is the case where spoofing may cause
serious problems to the provider itself, as opposed to someone else in
the Internet. So, one could assume that even if there are NATs that
allow this stupid thing, there maybe DOCSIS SAV and other safeguards in
the BB provider provisioning system.

Andrei

Previous message (by thread): [atlas] "Spoofing" tests.
Next message (by thread): [atlas] "Spoofing" tests.

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ ripe-atlas Archives ]