{"id":280,"date":"2009-04-05T09:56:59","date_gmt":"2009-04-05T16:56:59","guid":{"rendered":"http:\/\/blog.caida.org\/best_available_data\/?p=280"},"modified":"2015-06-22T11:23:17","modified_gmt":"2015-06-22T18:23:17","slug":"spoofer-measure-your-networks-hygiene","status":"publish","type":"post","link":"https:\/\/blog.caida.org\/best_available_data\/2009\/04\/05\/spoofer-measure-your-networks-hygiene\/","title":{"rendered":"spoofer: measure your network&#8217;s hygiene!"},"content":{"rendered":"<p><em>Update: In May 2015, ownership of Spoofer transferred from MIT to CAIDA<\/em><\/p>\n<p>We are studying an empirical Internet question central to its security, stability, and sustainability: how many networks allow packets with spoofed (fake) IP addresses to leave their network destined for the global Internet?  In collaboration with MIT, we have designed an experiment that enables the most rigorous analysis of the prevalence of IP spoofing thus far, and we need your help running a measurement to support this study.<\/p>\n<p>This week <a href=\"http:\/\/rbeverly.net\/research\/\">Rob Beverly<\/a> <a href=\"http:\/\/mailman.nanog.org\/pipermail\/nanog\/2009-March\/009081.html\"> finally announced to nanog<\/a> an update to <a href=\"http:\/\/spoofer.caida.org\">spoofer<\/a> he&#8217;s been working on for a few months.  Spoofer is one of the coolest Internet measurement tool we&#8217;ve seen in a long time &#8212; especially now that he is using <a href=\"http:\/\/www.caida.org\/projects\/ark\">Ark nodes<\/a> as receivers (of spoofed and non-spoofed packets), giving him 20X more path coverage than he could get with a single receiver at MIT.\n<\/p>\n<p><!--more--><\/p>\n<p>\nIP source spoofing is still a common attack vector.  Rob&#8217;s <a href=\"http:\/\/spoofer.caida.org\">ANA spoofer project<\/a> first began quantifying the extent of source-address-based filtering in 2005, although with a limited set of tests and only a single destination receiving probes.  In addition to adding several different tests that will improve the accuracy of inferences, spoofer now hooks into CAIDA&#8217;s Ark infrastructure, which provides 20-30 additional destinations for test probe measurements. Spoofer&#8217;s output is also presented in a snazzy <a href=\"http:\/\/spoofer.caida.org\/example\/example.php\"> visual form<\/a>; Internet measurement doesn&#8217;t get much sexier than this!   Help us measure the extent of source-based address filtering on the Internet  &#8212; take a few minutes to download and run the tester &#8212; the more diverse network locations you run spoofer from, the more accurate our results will be.\n<\/p>\n<p>Related links: <a href=\"http:\/\/spoofer.caida.org\/faq.php\">Spoofer FAQ<\/a>; <a href=\"http:\/\/www.caida.org\/projects\/ark\/\">Ark project page<\/a>.\n<\/p>\n<p>\n<em> [Ark project funded by <a href=\"http:\/\/www.dhs.gov\/xabout\/structure\/editorial_0530.shtm\"> DHS S&#038;T&#8217;s<\/a> Cybersecurity Program <a href=\"http:\/\/www.caida.org\/funding\/cybersecurity\/\">N66001-08-C-2029<\/a> and NSF <a href=\"http:\/\/www.nsf.gov\/dir\/index.jsp?org=CISE\">CISE&#8217;s<\/a>  <a href=\"http:\/\/www.nsf.gov\/funding\/pgm_summ.jsp?pims_id=12810&#038;org=CNS&#038;from=home\">Computing Research Infrastructure<\/a> award <a href=\"http:\/\/www.caida.org\/funding\/cri2005\">CRI-0551542<\/a>.]<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Update: In May 2015, ownership of Spoofer transferred from MIT to CAIDA We are studying an empirical Internet question central to its security, stability, and sustainability: how many networks allow packets with spoofed (fake) IP addresses to leave their network destined for the global Internet? In collaboration with MIT, we have designed an experiment that [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1,8,13,4],"tags":[],"coauthors":[26],"_links":{"self":[{"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/posts\/280"}],"collection":[{"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/comments?post=280"}],"version-history":[{"count":27,"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/posts\/280\/revisions"}],"predecessor-version":[{"id":3254,"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/posts\/280\/revisions\/3254"}],"wp:attachment":[{"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/media?parent=280"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/categories?post=280"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/tags?post=280"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.caida.org\/best_available_data\/wp-json\/wp\/v2\/coauthors?post=280"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}