[atlas] "Spoofing" tests.
Tapio Sokura tapio.sokura at iki.fi
Sun Sep 15 04:04:57 CEST 2013
On 15.9.2013 3:19, Leo Bicknell wrote: > I would like to see RIPE try and spoof a RIPE IP from all the probes, > and report on the results, at least once. A big plus one to this suggestion. A big chunk of today's common ddos attack methods would simply disappear if all networks prevented source address spoofing. And for the rest of the attacks finding and eliminating the sources (or at least the middle men being abused for generating the traffic) would be a bit easier. A concrete demonstration on the prevalence(?) of networks allowing source address spoofing would help in getting this hole plugged, I would think. Publishing specific details about which ASes let spoofed packets out might be problematic, but publishing percentages and following how the percentage develops over time should not hurt. Tapio