nanog mailing list archives
RIPE IP Anti-Spoofing Task Force (Was: private ip addresses from ISP)
From: Jeroen Massar <jeroen () unfix org>
Date: Wed, 17 May 2006 16:40:43 +0200
On Wed, 2006-05-17 at 15:14 +0100, Ivan Groenewald wrote: [..]
If you mean you are getting traffic destined for RFC1918 space, then make sure you aren't announcing those networks to your upstreams by accident. Poor upstream configs/filters could allow stuff like that to escape to peers of the upstream. (stranger things have happened)
[..] On a related note, RIPE has started an "IP Anti-Spoofing Task Force", see http://www.ripe.net/ripe/tf/anti-spoofing/ for more information. Greets, Jeroen -- RIPE "IP Anti-Spoofing" Task Force ================================== IP source address spoofing is the practice of originating IP datagrams with source addresses other than those assigned to the host of origin. In simple words the host pretends to be some other host. This can be exploited in various ways, most notably to execute DoS amplification attacks which cause an amplifier host to send traffic to the spoofed address. There are many recommendations to prevent IP spoofing by ingress filtering, e.g. checking source addresses of IP datagrams close to the network edge. At RIPE-52 in Istanbul RIPE has established a task force that promotes deployment of ingress filtering at the network edge by raising awareness and provide indirect incentives for deployment. Document ripe-379 provides the task force charter and the initial time-line. The mailing list archive is at http://www.ripe.net/ripe/maillists/archives/spoofing-tf/2006/index.html The task force web page is at http://www.ripe.net/ripe/tf/anti-spoofing/ The task force is co-chaired by Nina Hjorth Bargisen (NINA1-RIPE) and Daniel Karrenberg (DK58).
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- private ip addresses from ISP adrian kok (May 17)
- RE: private ip addresses from ISP Ivan Groenewald (May 17)
- RIPE IP Anti-Spoofing Task Force (Was: private ip addresses from ISP) Jeroen Massar (May 17)
- RE: private ip addresses from ISP David Schwartz (May 17)
- <Possible follow-ups>
- RE: private ip addresses from ISP Andrew Kirch (May 22)
- Re: private ip addresses from ISP Hyunseog Ryu (May 22)
- Re: private ip addresses from ISP Richard A Steenbergen (May 23)
- Re: private ip addresses from ISP Edward B. DREGER (May 23)
- Re: private ip addresses from ISP Patrick W. Gilmore (May 23)
- Re: private ip addresses from ISP Richard A Steenbergen (May 23)
- Re: private ip addresses from ISP sthaug (May 23)
- Re: private ip addresses from ISP Patrick W. Gilmore (May 23)
- RE: private ip addresses from ISP Ivan Groenewald (May 17)