This week, the Center for Applied Internet Data Analysis (CAIDA) announced that:
“In response to feedback from operational security communities, CAIDA’s source address validation measurement project (https://spoofer.caida.org) is automatically generating monthly reports of ASes originating prefixes in BGP for systems from which we received packets with a spoofed source address. We are publishing these reports to network and security operations lists in order to ensure this information reaches operational contacts in these ASes.”
We see this as a positive step forward for routing security. Anti-spoofing is one of the major MANRS Actions for network operators, and in fact we’ve been asking prospective MANRS participants to run Spoofer for some time now.
IP source address spoofing is when fake source addresses hide a sender’s identity or impersonate someone else. This can be exploited in various ways, most notably to execute Denial of Service (DoS) attacks that send traffic to the spoofed address. To combat this, MANRS calls for anti-spoofing — enabling source address validation to prevent spoofed packets from entering or leaving your network.
You can check the anti-spoofing capabilities of your own network by downloading the software here. And of course, you can read all about the Anti-spoofing component of MANRS here.
Together, we can make the Internet a better place and Protect The Core!
Leave a Reply