funsec mailing list archives
Spoofer Project
From: Paul Ferguson <fergdawgster () gmail com>
Date: Thu, 28 Mar 2013 18:03:51 -0700
Hi, funsec people. :-) This kind of goes hand-in-hand with a much larger community project, but I'd like to encourage you to participate in the Spoofer Project, and share the results: http://spoofer.csail.mit.edu/ Please take a moment to download the software (it is safe, I promise!) -- there are software packages available for Mac OSX, Windows, and Linux. The source code is also available if you care to inspect it. I am simply curious to see if any of your home ISPs allow spoofed packets to originate from within their downstream customer networks. As some of you may (or may not) know, I co-authored BCP38 [1], which was published in May 2000, and yet there are an astounding number of ISP networks on the planet that still allow traffic with spoofed source addresses to originate from within their networks. This is the primary culprit in generated DNS Amplification Attacks, an issue which several of us are currently engaged in, and will be talking about for the months (and years?) to come in our community outreach. So if you have a few free moment, please take a few moments when you are at home and let me know the results. Thanks, - ferg [1] https://tools.ietf.org/html/bcp38 -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Spoofer Project Paul Ferguson (Mar 28)
- Re: Spoofer Project Jerry (Mar 28)