3 Feb
2014
3 Feb
'14
2:22 a.m.
On Jan 29, 2014, at 3:03 AM, Jared Mauch <jared@puck.nether.net> wrote:
Sure, but this means that network is allowing the spoofing :)
What I did last night was automated comparing the source ASN to the dest ASN mapped to and reported both the IP + ASN on a single line for those that were interested.
This is pretty slick, relying upon broken CPE NAT implementations. It's the only way I've heard of to remotely infer whether or not a given network allows spoofing. ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton