Home page logo

nanog logo nanog mailing list archives

Re: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)
From: Blake Dunlap <ikiris () gmail com>
Date: Thu, 8 Aug 2013 13:07:56 -0500

On a related note, how are you actually getting this data?

What you have said previously ( Number of unique IPs that spoofed a packet
to me. (eg: I sent a packet to and responded). ) doesn't
even make sense.


On Thu, Aug 8, 2013 at 12:51 PM, Jared Mauch <jared () puck nether net> wrote:

Oops, I pulled the wrong data (off by one column) out before a trip and
didn't realize it until now.

This is not the spoofer list, but the list of ASNs with open resolvers.

Let me reprocess it.

Apologies, corrected data being generated.

- Jared

On Aug 8, 2013, at 1:29 PM, Jared Mauch <jared () puck nether net> wrote:

The following is a sorted list from worst to best of networks that allow
spoofing: (cutoff here is 25k)

(full list -
http://openresolverproject.org/full-spoofer-asn-list-201307.txt )

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]