[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)
- Subject: Spoofing ASNs (Re: SNMP DDoS: the vulnerability you might not know you have)
- From: ikiris at gmail.com (Blake Dunlap)
- Date: Thu, 8 Aug 2013 13:07:56 -0500
- In-reply-to: <[email protected]>
- References: <CAJvB4t=MFhVNpmBwKdMrcc5ZCQkO1LSpNbsqtJu27WjQd=cpJA@mail.gmail.com> <CE1EA166.16075%[email protected]> <CAJvB4tngwy0rMwvnUSMkEYGPevE8wRBxZBGfKF8vjGA1JpEOHA@mail.gmail.com> <CA+2UFhksZz9Kb0LRO29STMzj-KZchD94ZxvqibMW=R8tAV_ufw@mail.gmail.com> <[email protected]> <CAJvB4tk2S=D+z_kn_6_tEpGiB2feYGbXTBhimtgZfZ5ikTB7yg@mail.gmail.com> <CAAAwwbWCSsp1a7U43NLU=fwMeGXrSUGZEm0ZVwSkiaEmRDKgXg@mail.gmail.com> <CA+2UFhntL-iKdGc7Ev9UbPB-y5QkO5eA=nxFfsmNMq50ZUkPqA@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]>
On a related note, how are you actually getting this data?
What you have said previously ( Number of unique IPs that spoofed a packet
to me. (eg: I sent a packet to 1.2.3.4 and 5.6.7.8 responded). ) doesn't
even make sense.
-Blake
On Thu, Aug 8, 2013 at 12:51 PM, Jared Mauch <jared at puck.nether.net> wrote:
> Oops, I pulled the wrong data (off by one column) out before a trip and
> didn't realize it until now.
>
> This is not the spoofer list, but the list of ASNs with open resolvers.
>
> Let me reprocess it.
>
> Apologies, corrected data being generated.
>
> - Jared
>
> On Aug 8, 2013, at 1:29 PM, Jared Mauch <jared at puck.nether.net> wrote:
>
> > The following is a sorted list from worst to best of networks that allow
> spoofing: (cutoff here is 25k)
> >
> > (full list -
> http://openresolverproject.org/full-spoofer-asn-list-201307.txt )
>
>
>