Home page logo
/

funsec logo funsec mailing list archives

Re: Spoofer Project
From: Jerry <sec-acct.14 () oryx cc>
Date: Thu, 28 Mar 2013 23:49:13 -0500

FYI, spoofer compiles without issue (or even warnings) on Solaris.

Will forward run results results off line.



On 03/28/13 08:03 PM, Paul Ferguson wrote:
Hi, funsec people.  :-)

This kind of goes hand-in-hand with a much larger community project,
but I'd like to encourage you to participate in the Spoofer Project,
and share the results:

http://spoofer.csail.mit.edu/

Please take a moment to download the software (it is safe, I promise!)
-- there are software packages available for Mac OSX, Windows, and
Linux. The source code is also available if you care to inspect it.

I am simply curious to see if any of your home ISPs allow spoofed
packets to originate from within their downstream customer networks.

As some of you may (or may not) know, I co-authored BCP38 [1], which
was published in May 2000, and yet there are an astounding number of
ISP networks on the planet that still allow traffic with spoofed
source addresses to originate from within their networks. This is the
primary culprit in generated DNS Amplification Attacks, an issue which
several of us are currently engaged in, and will be talking about for
the months (and years?) to come in our community outreach.

So if you have a few free moment, please take a few moments when you
are at home and let me know the results.

Thanks,

- ferg


[1] https://tools.ietf.org/html/bcp38

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


  By Date           By Thread  

Current thread:
  • Spoofer Project Paul Ferguson (Mar 29)
    • Re: Spoofer Project Jerry (Mar 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]