[147775] in North American Network Operators' Group
Re: Any tools to help network security
daemon@ATHENA.MIT.EDU (David Miller)
Wed Dec 21 14:13:06 2011
Date: Wed, 21 Dec 2011 14:12:12 -0500
From: David Miller <dmiller@tiggee.com>
To: nanog@nanog.org
In-Reply-To: <20111221.200316.41697039.sthaug@nethelp.no>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 12/21/2011 2:03 PM, sthaug@nethelp.no wrote:
>> We discover there are so many (source) ip not belonging to our network
>> to go to outside.
>>
>> We can block it but don't know how to locate the source.
>>
>> Any tools can be easily found out.
> http://lmgtfy.com/?q=unicast+rpf
>
> Steinar Haug, Nethelp consulting, sthaug@nethelp.no
>
Also - http://lmgtfy.com/?q=tracing+spoofed+source+on+network
Which get you to some strategies for finding the source(s) on your
network (which I believe was the OP's question). Including:
http://www.csm.ornl.gov/~dunigan/oci/bktrk.html
http://www.cymru.com/Documents/tracking-spoofed.html
-DMM
