On Jan 26, 2014, at 12:47 PM, Jay Ashworth <jra@baylink.com> wrote:
something like 6 years ago, and couldn't get any traction on it then; I'm not sure I think much has changed -- apparently, extracting your BP thoughts from mailing list postings and putting them into a wiki is more effort than most NANOGers are up to.
I do have a list of the top ASNs that can be shown to allow IP spoofing by looking at the DNS scans part of the OpenResolverProject: 52731 ASN7922 31251 ASN9394 25241 ASN17964 15951 ASN4847 7576 ASN17430 5800 ASN17430 4110 ASN7497 3645 ASN9812 3492 ASN6854 http://openresolverproject.org/spoof-src-dst-asns-20140126.txt What the data is: It includes IP address where you send a DNS packet to it and another IP address responds to the query, e.g.: [jared@hostname ~/spoof]$ dig @101.0.37.11 ;; reply from unexpected source: 182.19.83.65#53, expected 101.0.37.11#53 The data only includes those where the “source-ASN” and “dest-asn” of these packets don’t match. - Jared