Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RIPE IP Anti-Spoofing Task Force (Was: private ip addresses fromISP)

  • From: Jeroen Massar
  • Date: Wed May 17 10:42:03 2006

On Wed, 2006-05-17 at 15:14 +0100, Ivan Groenewald wrote:
[..]
> If you mean you are getting traffic destined for RFC1918 space, then make
> sure you aren't announcing those networks to your upstreams by accident.
> Poor upstream configs/filters could allow stuff like that to escape to peers
> of the upstream. (stranger things have happened)
[..]

On a related note, RIPE has started an "IP Anti-Spoofing Task Force",
see http://www.ripe.net/ripe/tf/anti-spoofing/ for more information.

Greets,
 Jeroen


--

RIPE "IP Anti-Spoofing" Task Force 
================================== 

IP source address spoofing is the practice of originating IP datagrams 
with source addresses other than those assigned to the host of origin. 
In simple words the host pretends to be some other host. 

This can be exploited in various ways, most notably to execute DoS 
amplification attacks which cause an amplifier host to send traffic to 
the spoofed address. 

There are many recommendations to prevent IP spoofing by ingress 
filtering, e.g. checking source addresses of IP datagrams close to the 
network edge. 

At RIPE-52 in Istanbul RIPE has established a task force that promotes 
deployment of ingress filtering at the network edge by raising
awareness 
and provide indirect incentives for deployment. 

Document ripe-379 provides the task force charter and the initial
time-line. 


The mailing list archive is at 
http://www.ripe.net/ripe/maillists/archives/spoofing-tf/2006/index.html 

The task force web page is at
http://www.ripe.net/ripe/tf/anti-spoofing/ 


The task force is co-chaired by Nina Hjorth Bargisen (NINA1-RIPE) 
and Daniel Karrenberg (DK58).

Attachment: signature.asc
Description: This is a digitally signed message part




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.