Do we have a statistics on what percentage of probes operate behind NAT?
On Tue, Nov 17, 2015 at 7:03 PM, Pavel Odintsov <pavel.odint...@gmail.com> wrote: > Hello! > > Thanks for answer! > > But actually we have huge issues with IPv4. Could we collect this > stats with full anonymous approach for bitting ethical problem here? > > So we definitely need number of networks who ignore this rules. > > On Tue, Nov 17, 2015 at 8:00 PM, Jen Linkova <furr...@gmail.com> wrote: > > On Tue, Nov 17, 2015 at 5:50 PM, Pavel Odintsov > > <pavel.odint...@gmail.com> wrote: > >> I'm writing from RIPE71 / Anti spoofing BoF. So I want to ask for some > >> difficult ethical question. > >> > >> Could we detect probe hosts who do not deploy outgoing filtering and > >> accept spoofed traffic? > >> > >> We need to know amount of they. It's really important for solving > >> spoofing issue in Internet scale. > > > > It's been discussed before and some ethical concerns have been raised > > by RIPE NCC. > > > > From pure technical point of view I think it might be possible some > > data for Ipv6 (with some false negatives): > > > > - a probe could generate ULA prefix for itself and send traffic from > > that ULA source to, let's say, some anchors (or some other pre-defined > > target which is known for allowing packets from ULA sources). > > Receiving such packet from a probe would prove tat there is no BCP38 > > filtering on the path (however blocking packets proves only the fact > > that ULAs are being blocked, not real spoofed packets). Or maybe a > > probe might get a GUA IP address from RIPE prefix and use it as a > > source.. > > As bi-directional communication is not necessary, any source address > would work. > > > >> > >> -- > >> Sincerely yours, Pavel Odintsov > >> > > > > > > > > -- > > SY, Jen Linkova aka Furry > > > > -- > Sincerely yours, Pavel Odintsov > -- connecting the dots
