[168672] in North American Network Operators' Group
Re: BCP38.info
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Mon Feb 3 02:22:38 2014
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG <nanog@nanog.org>
Date: Mon, 3 Feb 2014 07:22:19 +0000
In-Reply-To: <40F74E06-0BC1-4177-838B-8A13CA752BE5@puck.nether.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 29, 2014, at 3:03 AM, Jared Mauch <jared@puck.nether.net> wrote:
> Sure, but this means that network is allowing the spoofing :)
>=20
> What I did last night was automated comparing the source ASN to the dest =
ASN mapped to and reported both the IP + ASN on a single line for those tha=
t were interested.
This is pretty slick, relying upon broken CPE NAT implementations. It's th=
e only way I've heard of to remotely infer whether or not a given network a=
llows spoofing.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
