[164930] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not

daemon@ATHENA.MIT.EDU (Florian Weimer)
Sun Aug 11 12:14:22 2013

From: Florian Weimer <fw@deneb.enyo.de>
To: Christopher Morrow <morrowc.lists@gmail.com>
Date: Sun, 11 Aug 2013 18:14:28 +0200
In-Reply-To: <CAL9jLaZK0QKSh8GULf0UfPP3toFD=h2P1v3m4y4X18E76eU0+g@mail.gmail.com>
 (Christopher Morrow's message of "Sun, 11 Aug 2013 12:02:52 -0400")
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

* Christopher Morrow:

> On Sun, Aug 11, 2013 at 11:40 AM, Florian Weimer <fw@deneb.enyo.de> wrote:
>
>> Apparently, they're implementing DNS proxy by destination-NATting, and
>> because they listen also on the WAN interface, they get the source
>> address wrong.
>>
>> This is quite scary.
>
> which part? the fact that most NAT implementations on CPE are crap? or
> the spoofing bit?

The spoofing bit.  Among other things, it makes the impact of CPE
crappiness non-localized.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[164930] in North American Network Operators' Group

Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not

daemon@ATHENA.MIT.EDU (Florian Weimer)Sun Aug 11 12:14:22 2013

daemon@ATHENA.MIT.EDU (Florian Weimer)
Sun Aug 11 12:14:22 2013