Skip to Content.
Sympa Menu

netsec-sig - [Security-WG] CAIDA Spoofer

Subject: Internet2 Network Security SIG

List archive

[Security-WG] CAIDA Spoofer


Chronological Thread 
  • From: Paul Howell <>
  • To: "" <>
  • Subject: [Security-WG] CAIDA Spoofer
  • Date: Tue, 11 Dec 2018 14:14:10 +0000
  • Accept-language: en-US
  • Authentication-results: internet2.edu; dkim=none (message not signed) header.d=none;internet2.edu; dmarc=none action=none header.from=internet2.edu;
  • Ironport-phdr: 9a23:ZQdHMRc3TtgTYNzjkXRP1FuhlGMj4u6mDksu8pMizoh2WeGdxc26ZBGN2/xhgRfzUJnB7Loc0qyK6/CmATRIyK3CmUhKSIZLWR4BhJdetC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TW94jEIBxrwKxd+KPjrFY7OlcS30P2594HObwlSizexfbB/IA+qoQnNq8IbnZZsJqEtxxXTv3BGYf5WxWRmJVKSmxbz+MK994N9/ipTpvws6ddOXb31cKokQ7NYCi8mM30u683wqRbDVwqP6WACXWgQjxFFHhLK7BD+Xpf2ryv6qu9w0zSUMMHqUbw5Xymp4qF2QxHqlSgHLSY0/mHJhMJtkKJVrhGvqBJ+w4HIb46YL+Bxcr/Yfd4AWWZMRMRcWipcCY28dYsPCO8BMP5CoYbnulsOqQa1CwurBOLh1DBIgnv21rA93uQ5EQHG2wIhEMwKsHTQt9j1NaESUfyrw6nSyzXMce9W1Snn5IfWbx8hvOiBULRtesTfzkkvEhnKjlSWqYH9IzyazOUNvHWB4OZ6UuKvkWEnpgdsqTas3schkpfFiZgJxlzZ8Ch13Zs5KcC9RU51btOoDIdcuiSYOoRoTc4tXmRltSMkxrEauJO3ZDYGxIg7yxLCbvGKfIuF7QjgWeuUIDp1h3xld6y6iha8/0igxOP8W8y33VtFsyZKidzBum0N2hHS7sWKT+Fy80S/1TuP0g3T5OBJLEI6labDJZ4u3L09moYWvEnGBSD5hFn6gLOTe0gr4Oek9urnb7D4qpCHK4N5iwTzMqovl8CiBek1NBUFUXKB9uSmzrLj+FX0QLVUgf0ylanUqIjUKNgcqKKlDAJZy5gu5Q+iAzu/19QXhmcIIEhCeBKak4jmIFbOIO3+DfiimVisiC1rx/faPrL/HprNMnnDkLDnfbpn7E5c1RYzzdRY55JTCbENOu78Wkj0tNDADx85NRK7w/r/BdljzIwSRX+DD6qEPK/PrFOF4+wvLuaQaIMJvTvwKeYq6vHzgnI8nFIRY7Wl0JoPZHC9BPtmIkGZYXT2gtcGFGcHphI+TOztiFyMTzFTY3KyUrk95jE9FIKpE53DRoazj7ydwiu3BINZaX1bClyUC3fna52EW+sQaCKVOsJhiSILWqS8S4871BGuqA/7x6NpL+rb4SAYsZPj1MNp5+3Iix0+7z10D8KB026TVWF0mH0HRyMo0Kxlv0Ny10qDguBEhKkSDtFY+ulIThZ/KpH0zupmBsr0Vx6bONqFVRzuFs6rCiwrT84ghsABS0d7B9i4iB3fhWynD6JDxJKRA5lhyqvB2zDRINlwz3KOgLEhiEYrRs9nNGu6i7R5+hSJQYPFjhPKxO6Raa0A0XuVpy+4xm2UsRQAClQiWLjZXX0ZekrdpMj44UWHVbK1FLA7KVIbmZyDLLdHcNvkkQ8ASfv+a5zSYGO0zmG3AxvAhraBd5HjdGhV2iLBQFMFnAYe8TfjV0A+Cy6trniYAGloElTiMELq7eRkrn6nFAk5wxzZJ0Fk3qC+rxgSg/HUQvgP37UC7SEmrTgRfh690tvaBsDGqRBmefBdZ88w+lFKyTifugBgbZE=
  • Spamdiagnosticoutput: 1:0

Hi,

 

At this past Internet2 Technology Exchange, we held a half-day routing security workshop that you may have attended.   During the workshop, several people discussed their experience with using an IP address spoofing tool provided by CAIDA called spoofer (https://www.caida.org/projects/spoofer/).   The conversations regarding spoofer included how it can be used to identify network points where spoofed traffic is exiting, despite BCP38 filters implemented to block spoofed traffic.  Also discussed were some of the challenges in understanding spoofer reports.

 

Recently I spoke with CAIDA about hosting a technical webinar (probably mid-January) on using and interpreting spoofer reports with an emphasis on the R&E community.   CAIDA is receptive to this and has asked if anyone with feedback on using spoofer would be willing to have a call to ensure the webinar hits the right topics.

 

If you would like to discuss your experiences with spoofer, please let me know and I will organize a call.

 

Regards,

Paul

 

Paul Howell

Chief Cyberinfrastructure Security Officer

Network Services, Internet2

100 Phoenix Drive, STE 111

Ann Arbor, MI 48108

Office: 734-352-4212

Email: 

 

 


  • [Security-WG] CAIDA Spoofer, Paul Howell, 12/11/2018

Archive powered by MHonArc 2.6.19.

Top of Page