nanog mailing list archives

Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)

From: Valdis.Kletnieks () vt edu
Date: Thu, 08 Aug 2013 13:52:42 -0400

On Thu, 08 Aug 2013 12:46:10 -0500, Blake Dunlap said:

I noticed that two of my ASNs are on that list for example with low
numbers. I can't fathom how as at least one of them has uRPF implemented on
any actual interfaces and no downstreams/peers.


Most likely, you have places where one host in a /24 or /28 can spoof
a packet claiming to be another host in the same subnet, and have the
spoofed packet escape into the outside world.  There's really no way to
stop that unless you get *really* fascist with your edge-host facing
routers/switches.

Attachment: _bin
Description:

Current thread:

Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have), (continued)
- - - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Matthew Petach (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Jared Mauch (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Florian Weimer (Aug 11)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Jimmy Hess (Aug 11)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Jared Mauch (Aug 11)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Florian Weimer (Aug 11)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Christopher Morrow (Aug 11)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Florian Weimer (Aug 11)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Heather Schiller (Aug 22)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Blake Dunlap (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Valdis . Kletnieks (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Jared Mauch (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Blake Dunlap (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Jared Mauch (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Blake Dunlap (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Jared Mauch (Aug 08)
    - Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have) Jared Mauch (Aug 08)