8 Aug
2013
8 Aug
'13
1:52 p.m.
On Thu, 08 Aug 2013 12:46:10 -0500, Blake Dunlap said:
I noticed that two of my ASNs are on that list for example with low numbers. I can't fathom how as at least one of them has uRPF implemented on any actual interfaces and no downstreams/peers.
Most likely, you have places where one host in a /24 or /28 can spoof a packet claiming to be another host in the same subnet, and have the spoofed packet escape into the outside world. There's really no way to stop that unless you get *really* fascist with your edge-host facing routers/switches.