Home page logo

nanog logo nanog mailing list archives

Re: BCP38 tester?
From: Peter Baldridge <petebaldridge () gmail com>
Date: Sun, 31 Mar 2013 18:43:12 -0700

I can assume that If you are spoofing packets, resetting passwords on cpe
and replacing the box would be trivial.  So it's questionable how useful
this is.  It seems like it just adds cost to for customers that can't spoof
a packet to save their lives.
On Mar 31, 2013 6:37 PM, "Jason Lixfeld" <jason () lixfeld ca> wrote:

On 2013-03-31, at 10:48 AM, Jay Ashworth <jra () baylink com> wrote:

Is there a program which users can run on an end-site workstation which
would test whether they are being some link which is doing BCP38, or some
related type of source-address ingress filtering?

I'm hoping for something that could be downloaded by users and run, and
try to forge a few packets to somewhere useful, which could be logged
somehow in conjunction with some unforged packets containing a traceroute,
so we could build up a database of leaky networks.

On a related topic, while I know GRC Research's Steve Gibson is a bit of
a polarizing personality, he does have a fairly sizable consumer audience,
and might be a great distribution venue for such a thing.

Or, perhaps, is there someone on here from Ookla?

Patrick?  Could Akamai be persuaded to take an interest in this as a
research project?

From my perspective, 99% of end-users probably don't understand (or care)
that their provider might be responsible for initiating or precipitating a
DDoS attacks, period.  Most network operators are probably either too
inexperienced to understand or too lazy to care.

I believe that most everyone has a CPE of some sort, whether their service
is resi or commercial.  So, what about shifting the focus to the CPE
manufacturers?  They bend to technology and/or market pressures by bringing
things like NAT, Firewalls, DLNA, UPnP, IPv6 (heh), PPPoE, RFC1483, etc. to
their respective products in to satisfy technology limitations or security
concerns or whatever.  Why can't they help the cause by implementing some
sort of RFC'ified BCP38 thing?

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]