[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BCP38 tester?

Subject: BCP38 tester?
From: frnkblk at iname.com (Frank Bulk (iname.com))
Date: Mon, 1 Apr 2013 13:50:11 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

The good news is that source address spoofing does seem to fail with most CPE's NAT.  

At the end of the day, just turn on uRPF and/or use ACLs.  It's amazing how much destination 192.168.0.0/24 and 192.168.1.0/24 our ACLs also block.

Frank

-----Original Message-----
From: Jay Ashworth [mailto:jra at baylink.com] 
Sent: Sunday, March 31, 2013 9:35 PM
To: NANOG
Subject: Re: BCP38 tester?

----- Original Message -----
> From: "Alain Hebert" <ahebert at pubnix.net>

> An easy target would be anti-virus/trojan/security software
> providers that could add a BCP38 check to their software =D

Yes, but penetration is a problem, which is why I was thinking about
people like YouTube, Ookla, and the like.

Any Flash app that lots of people run frequently.  Assuming those apps
could generate the packets, which, on reflection, I would bet they can't.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274

References:
- BCP38 tester?
  - From: ahebert at pubnix.net (Alain Hebert)
- BCP38 tester?
  - From: jra at baylink.com (Jay Ashworth)

Prev by Date: Open Resolver Problems
Next by Date: Open Resolver Problems
Previous by thread: BCP38 tester?
Next by thread: BCP38 tester?
Index(es):
- Date
- Thread