Here's a piece which uses the MIT ANA data to assert that the job is
mostly done already.
Unless I'm very much mistaken, it appears that a large percentage of
the failed BCP 38 spoofing tests listed in that data are actually due
to customer side NAT routers dropping packets...
which is of course egress filtering rather than ingress filtering,
and thus doesn't actually apply to our questions.
Am I interpreting that correctly?
The date seems a little past "buy by" in light of the very recent observations and comments here.
Is using data from a self-selected group even meaningful when
extrapolated? It's been a while since Stats in college, and it's very
likely the guys from MIT know more than I do, but one of the big things
they pushed was random sampling.
JM
Isn't it probable that people who know enough to download the spoofer projects program and run it might also be in position to fix things when it's broken, or they may just be testing their own networks which they've already secured, just to verify they got it right.
I may put it on my laptop and start testing random places like Starbucks, my moms house, conventions and other things, but if I'm running it from my home machine it's just to get the gold "I did this" star.
So yeah, data from the project is probably meaningless unless someone uses it as a worm payload and checks 50,000 computers randomly (of course I don't advise this. I just wish there was a way to really push this to be run by everyone in the world for a week)
Maybe with enough hype we could get CNN to advise people to download it. Actually, it would be nice if someone who writes security software like NOD32 or Malwarebytes, or spybot, adaware, etc, would integrate it into their test suite. Then you get the thousands of users from them added to the results.
Spybot, adaware, and MalWare bytes.
I hadn't even thought of them; I was all fixated on Ookla... and why it wouldn't work.
I will query those folks.
Cheers,
- jra
Actually, it would be nice if someone who writes security software
like NOD32 or Malwarebytes, or spybot, adaware, etc, would
integrate it into their test suite. Then you get the thousands of
users from them added to the results.
I have just sent an email to ESET promoting participation on the BCP38
initiative by incorporating spoofer projects program in their program suite.
If there's more of us maybe we can make a change.
adam
Absolutely.
I've queried the PI on the ex-MIT ANA spoofing measuring project, prepatory
to inquiring of the other projects mentioned above; we should all be pulling
in the same direction, measuring the same things, with the same infrastructure
if possible.
Cheers,
-- jra