I got an e-mail from BYU about IP Spoofing. Looks like they ran some testing during December 2019. "The intent of the experiment was to determine the pervasiveness of networks failing to filter spoofed incoming traffic appearing to originate from within their own networks." Apparently they are going to present the results of this experiment at the Internet Measurement Conference (IMC) 2020 at the end of this month.
They sent me the e-mail being my AS failed their test. The e-mail was very well written with proper english and spelling. They weren’t asking me for anything, just giving me a heads up. I didn't have any filters in my firewall preventing this, but popped a couple in to see what they caught. Well I am seeing random packets coming in from the outside world with my IP addresses as the source. Looks like they are looking for DNS servers being all traffic so far has been UDP 53. I now have these Firewall rules in place. Is there any reason why I won't want to block these request. I can not think of any valid reason for someone to spoof my IP on incoming packets. -- Thanks, Mark mailto:m...@mailmt.com Myakka Technologies, Inc. www.Myakka.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
