On Tue, Sep 16, 2014 at 8:49 AM, Mark Felder <[email protected]> wrote:
> > How many AS are out there don't implement BCP38? Spoofing these days > without MITM should be considered hard, and TCP even harder, no? I'd > find it more believable that it's easier to hijack BGP than to target > someone and successfully spoof TCP. > > Maybe I'm just naive and haven't seen this behavior in the wild during > my time working at an ISP :-) > > Between work and home, I have access to three internet connections from different ISPs. None stop me from sourcing packets from arbitrary addresses. For example, if I use "ifconfig xx0 alias 1.1.1.1/32; ping -S 1.1.1.1 <victim>" and use tcpdump on <victim>, I see the traffic with the source address 1.1.1.1. I have no special arrangements; just typical commodity service. So there are at least three ISPs serving my area that don't prevent IP spoofing. -- As implied by email protocols, the information in this message is not confidential. Any middle-man or recipient may inspect, modify, copy, forward, reply to, delete, or filter email for any purpose unless said parties are otherwise obligated. As the sender, I acknowledge that I have a lower expectation of the control and privacy of this message than I would a post-card. Further, nothing in this message is legally binding without cryptographic evidence of its integrity. http://bilbo.hobbiton.org/wiki/Eat_My_Sig _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
