[ITNOG] let's stop IP spoofing, now

[TU Delft - infospoofing project]

Every day, attackers exploit IP spoofing for their criminal operations. Despite being a known vulnerability for at least 25 years, IP source address spoofing still remains a popular attack method for redirection, amplification, and anonymity attacks. This situation persists partially because of the lack of visibility into which operators lack adequate anti-spoofing measures -- that is, their networks are not compliant with BCP38 and related norms.


In the effort to help increase the adoption of anti-spoofing measures, researchers from TU Delft and CAIDA have been conducting measurements on which networks are compliant. We would like to engage the network operator community to reach out to non-compliant operators and instigate remediating actions.


We have created an overview of our findings on networks in Italy. You can see them on our website:

https://www.infospoofing.com/it/ID=69


The good news is: 80% of Italian operators have measures in place against IP spoofing! We would like to ask your help to get the remaining 20% on board. Feel free to share the link to our website or otherwise help mobilize the non-compliant operators. At our site, you can also find more information about anti-spoofing best practices as articulated by the MANRS initiative.


Help us to make Italy a spoofing-free country!


Best regards,

Orcun Cetin,

Luigi Tuttobene,

Carlos Gañán,

Michel van Eeten


Researcher at Delft University of Technology

---

Faculteit Techniek, Bestuur en Management

TU Delft Postbus 5015, 2600GA Delft

+31 (0)15 27 88784
-------------- parte successiva --------------
Un allegato HTML è stato rimosso...
URL: <http://lists.itnog.it/pipermail/itnog/attachments/20180314/437f5d68/attachment.html>