This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] Spoofing measurenments
- Previous message (by thread): [atlas] Spoofing measurenments
- Next message (by thread): [atlas] Spoofing measurenments
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jen Linkova
furry13 at gmail.com
Tue Nov 17 18:00:08 CET 2015
On Tue, Nov 17, 2015 at 5:50 PM, Pavel Odintsov <pavel.odintsov at gmail.com> wrote: > I'm writing from RIPE71 / Anti spoofing BoF. So I want to ask for some > difficult ethical question. > > Could we detect probe hosts who do not deploy outgoing filtering and > accept spoofed traffic? > > We need to know amount of they. It's really important for solving > spoofing issue in Internet scale. It's been discussed before and some ethical concerns have been raised by RIPE NCC. >From pure technical point of view I think it might be possible some data for Ipv6 (with some false negatives): - a probe could generate ULA prefix for itself and send traffic from that ULA source to, let's say, some anchors (or some other pre-defined target which is known for allowing packets from ULA sources). Receiving such packet from a probe would prove tat there is no BCP38 filtering on the path (however blocking packets proves only the fact that ULAs are being blocked, not real spoofed packets). Or maybe a probe might get a GUA IP address from RIPE prefix and use it as a source.. As bi-directional communication is not necessary, any source address would work. > > -- > Sincerely yours, Pavel Odintsov > -- SY, Jen Linkova aka Furry
- Previous message (by thread): [atlas] Spoofing measurenments
- Next message (by thread): [atlas] Spoofing measurenments
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]