This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[atlas] Spoofing measurenments
- Previous message (by thread): [atlas] Spoofing measurenments
- Next message (by thread): [atlas] Spoofing measurenments
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Pavel Odintsov
pavel.odintsov at gmail.com
Wed Nov 18 13:23:33 CET 2015
Hello! Could somebody share link to archives with previous discussion of this ethical question? On Wed, Nov 18, 2015 at 3:18 PM, Jen Linkova <furry13 at gmail.com> wrote: > On Wed, Nov 18, 2015 at 12:57 PM, Alexander Lyamin <melanor9 at gmail.com> wrote: >> Do we have a statistics on what percentage of probes operate behind NAT? > > There is a tag "IPv4 RFC1918" so you can select all probes with that > tag to get that number. > >> On Tue, Nov 17, 2015 at 7:03 PM, Pavel Odintsov <pavel.odintsov at gmail.com> >> wrote: >>> >>> Hello! >>> >>> Thanks for answer! >>> >>> But actually we have huge issues with IPv4. Could we collect this >>> stats with full anonymous approach for bitting ethical problem here? >>> >>> So we definitely need number of networks who ignore this rules. >>> >>> On Tue, Nov 17, 2015 at 8:00 PM, Jen Linkova <furry13 at gmail.com> wrote: >>> > On Tue, Nov 17, 2015 at 5:50 PM, Pavel Odintsov >>> > <pavel.odintsov at gmail.com> wrote: >>> >> I'm writing from RIPE71 / Anti spoofing BoF. So I want to ask for some >>> >> difficult ethical question. >>> >> >>> >> Could we detect probe hosts who do not deploy outgoing filtering and >>> >> accept spoofed traffic? >>> >> >>> >> We need to know amount of they. It's really important for solving >>> >> spoofing issue in Internet scale. >>> > >>> > It's been discussed before and some ethical concerns have been raised >>> > by RIPE NCC. >>> > >>> > From pure technical point of view I think it might be possible some >>> > data for Ipv6 (with some false negatives): >>> > >>> > - a probe could generate ULA prefix for itself and send traffic from >>> > that ULA source to, let's say, some anchors (or some other pre-defined >>> > target which is known for allowing packets from ULA sources). >>> > Receiving such packet from a probe would prove tat there is no BCP38 >>> > filtering on the path (however blocking packets proves only the fact >>> > that ULAs are being blocked, not real spoofed packets). Or maybe a >>> > probe might get a GUA IP address from RIPE prefix and use it as a >>> > source.. >>> > As bi-directional communication is not necessary, any source address >>> > would work. >>> > >>> >> >>> >> -- >>> >> Sincerely yours, Pavel Odintsov >>> >> >>> > >>> > >>> > >>> > -- >>> > SY, Jen Linkova aka Furry >>> >>> >>> >>> -- >>> Sincerely yours, Pavel Odintsov >> >> >> >> >> -- >> connecting the dots > > > > -- > SY, Jen Linkova aka Furry -- Sincerely yours, Pavel Odintsov
- Previous message (by thread): [atlas] Spoofing measurenments
- Next message (by thread): [atlas] Spoofing measurenments
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]