Re: looking for help for the statistics data on spoofing attack events on Internet
Dear Mr. Morrow: Thank you! We have already found CAIDA's backscatter, MIT's spoofer project. Spoofer project focuses on how much space in the Internet could be spoofable. It is very helpful for our experiment. But we also want to know how often the spoofing events(such spoofing IP attacks, spoofing route update) occurs, or the degree of their activity in real world. Monitoring the Internet widely is very difficult,so I hope to get some useful infomation by surveying the related statistical data and report from organization. currently, this way has no effective result. 2007/12/24, Christopher Morrow [EMAIL PROTECTED]: On Dec 24, 2007 12:08 AM, yangyang. wang [EMAIL PROTECTED] wrote: We are conducting an experiment to evaluate IP source address spoofing attacks on Internet and want to collect some statistics data or report about it Which organization or research group could support some statistics data, report or hints on the spoofed IP source address attack events, DNS spoofing events, router forged update events on the whole Internet or regional network for research analysis? you might get some mileage from the spoofer-project out of MIT: http://spoofer.csail.mit.edu/ have fun!
Re: looking for help for the statistics data on spoofing attack events on Internet
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- yangyang. wang [EMAIL PROTECTED] wrote: We have already found CAIDA's backscatter, MIT's spoofer project. Spoofer project focuses on how much space in the Internet could be spoofable. It is very helpful for our experiment. But we also want to know how often the spoofing events(such spoofing IP attacks, spoofing route update) occurs, or the degree of their activity in real world. Monitoring the Internet widely is very difficult,so I hope to get some useful infomation by surveying the related statistical data and report from organization. currently, this way has no effective result. As one of the co-authors to RFC2827/BCP38, I certainly understand your concerns. Which is why I encourage anyone who is interested to put their efforts into SAVA/SAVI work currently underway in the IETF. [SAVA: Source Address Validation Architecture] I personally think this is important work, but probably for different reasons than most people. ;-) - - ferg [1] http://www3.ietf.org/proceedings/07dec/minutes/savi.txt [2] https://datatracker.ietf.org/meeting/70/materials.html -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHcdDjq1pz9mNUZTMRArXRAKDpcxR12OA08jJxzpllaHBo46nVfwCdGTSI zhA1liWpRtcvZ+yupsb+AGc= =Gogs -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/