On Feb 19, 2014, at 4:52 AM, Tony Tauber <ttauber@1-4-5.net> wrote:
maybe we should conclude that most of the spoofing is coming from somewhere else; perhaps including colo and cloud providers.
My theory - not yet backed by data - is that probably most spoofed traffic these days does in fact emanate from IDC networks, and that a non-trivial proportion of same emanates from a relatively small number of such networks. In many cases, it's possible to put 'naked' hosts on home broadband connections, however - and how common that is, and what proportion of those broadband access networks don't run any form of anti-spoofing, is an open question. ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton