Spoofer project update
Hi, as many of you are acutely aware, IP source spoofing is still a common attack vector. The ANA spoofer project: http://spoofer.csail.mit.edu first began quantifying the extent of source verification in 2005. We've amassed several years worth of data -- data that has become particularly interesting in light of recent attacks. However, our data raised as many questions as it answered. Hence, we have developed a new version of the tester designed to answer these questions and improve our Internet-wide inferences. What's New: In addition to new tests, we've hooked into CAIDA's Ark infrastructure which allows us to perform multiple path-based measurements. This information is presented to the client now in visual form; see the screenshots for an example report: http://spoofer.csail.mit.edu/example/example.php How you can help: Simple -- take a few minutes to download and run the tester. The more points you can run the tester from, the better. Comments/Flames: Welcome, and we appreciate all feedback. Be sure to read the FAQ: http://spoofer.csail.mit.edu/faq.php Many thanks, rob
< a call to fingers > please run this test if you haven't already. we're trying to get a 2009 baseline on filtering. i've blogged a reminder at: http://blog.caida.org/best_available_data/2009/04/05/spoofer-measure-your-ne... and will post results there (and here) too, once we have some. if you run into any problems, email us. Internet science: can't do it without you, yada. k ps: if you want to host an Ark node so we can test topology near you in the future, read http://www.caida.org/projects/ark/siteinfo.xml and send us mail. On Tue, Mar 31, 2009 at 11:36:18AM -0400, Robert Beverly wrote: Hi, as many of you are acutely aware, IP source spoofing is still a common attack vector. The ANA spoofer project: http://spoofer.csail.mit.edu first began quantifying the extent of source verification in 2005. We've amassed several years worth of data -- data that has become particularly interesting in light of recent attacks. However, our data raised as many questions as it answered. Hence, we have developed a new version of the tester designed to answer these questions and improve our Internet-wide inferences. What's New: In addition to new tests, we've hooked into CAIDA's Ark infrastructure which allows us to perform multiple path-based measurements. This information is presented to the client now in visual form; see the screenshots for an example report: http://spoofer.csail.mit.edu/example/example.php How you can help: Simple -- take a few minutes to download and run the tester. The more points you can run the tester from, the better. Comments/Flames: Welcome, and we appreciate all feedback. Be sure to read the FAQ: http://spoofer.csail.mit.edu/faq.php Many thanks, rob
participants (2)
-
k claffy
-
Robert Beverly