nanog mailing list archives
[NANOG] Re: How can the IP spoofing problem be solved within a country?
From: firincitaygun--- via NANOG <nanog () lists nanog org>
Date: Mon, 07 Apr 2025 06:40:40 -0000
In Türkiye, operators provide internet service to every customer with cgnat. Naturally, spoofing is not possible on these IPs. This may be the explanation for the IP blocks you see on the page you sent. According to my guess, most of the people who download and run spoofer want to do IP spoofing and have unintentionally contributed to the project (yes, I have seen examples recently). If a customer buys a static IP, they are taken to the public zone. Data centers and other customers who buy a public IP or uplink can generally do IP spoofing. Just a rumor, but I heard that an ISP in our country recently (still) dared to attack data centers with IP spoofing over its own infrastructure (still just a rumor).
Depends on your source of authority. If you're constructing a government mandate then you require anyone selling Internet service in Turkey to implement BCP 38 on every paid Internet connection. That means egress filtering everywhere they buy transit or peering service inside or outside of Turkey and ingress filtering everywhere they sell Internet service inside and outside of Turkey. And you set large and escalating fines for every incident where the ISP is found to be in non-compliance. Then you sit back and let capitalism do what it does best: optimize for cost.
I definitely agree. I am not very active in the sector but I am generally luckier than most people in reaching the authorities. The best plan I have in mind right now is to find the network topologies that TTNET, which is the central ISP in Türkiye, provides service to data centers, homes, and other ISPs, and to prepare a report that includes, in its simplest form, what can be done and how, what kind of a threat this poses to the country and the internet environment in general. Then all I have to do is print this report, give it to all the authorities I cross paths with, and run away :D Sorry for the late reply, I spend a lot of time on research, everything you write is very valuable to me. Regards, Taygun _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog () lists nanog org/message/QGBH42TYJHRH4MY67IZ2MHKME7YLUKM2/
Current thread:
- [NANOG] How can the IP spoofing problem be solved within a country? T . Fırıncı via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? Tim Howe via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? Christopher Hawker via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? William Herrin via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? Hank Nussbacher via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? firincitaygun--- via NANOG (Apr 06)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? Compton, Rich via NANOG (Apr 07)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? Hank Nussbacher via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? Barry Greene via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? sronan--- via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? Barry Greene via NANOG (Apr 05)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? Jay via NANOG (Apr 06)
- [NANOG] Re: How can the IP spoofing problem be solved within a country? sronan--- via NANOG (Apr 05)