Home page logo

funsec logo funsec mailing list archives

Re: Spoofer Project
From: Steve Pirk <pirkster () gmail com>
Date: Mon, 1 Apr 2013 17:15:35 -0700

I have a Comcast business class connection, and the only addresses the
program could spoof were the local addresses in my subnet. It looks like
Comcast is filtering things nicely at my first router hop upstream.

-- steve <http://pirk.com>

On Thu, Mar 28, 2013 at 9:49 PM, Jerry <sec-acct.14 () oryx cc> wrote:

FYI, spoofer compiles without issue (or even warnings) on Solaris.

Will forward run results results off line.

On 03/28/13 08:03 PM, Paul Ferguson wrote:

Hi, funsec people.  :-)

This kind of goes hand-in-hand with a much larger community project,
but I'd like to encourage you to participate in the Spoofer Project,
and share the results:


Please take a moment to download the software (it is safe, I promise!)
-- there are software packages available for Mac OSX, Windows, and
Linux. The source code is also available if you care to inspect it.

I am simply curious to see if any of your home ISPs allow spoofed
packets to originate from within their downstream customer networks.

As some of you may (or may not) know, I co-authored BCP38 [1], which
was published in May 2000, and yet there are an astounding number of
ISP networks on the planet that still allow traffic with spoofed
source addresses to originate from within their networks. This is the
primary culprit in generated DNS Amplification Attacks, an issue which
several of us are currently engaged in, and will be talking about for
the months (and years?) to come in our community outreach.

So if you have a few free moment, please take a few moments when you
are at home and let me know the results.


- ferg

[1] https://tools.ietf.org/html/**bcp38<https://tools.ietf.org/html/bcp38>

Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.

Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.

  By Date           By Thread  

Current thread:
  • Re: Spoofer Project Steve Pirk (Apr 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]