Spoofer Project


The CAIDA Spoofer project has been collecting and publicly sharing
data on the deployment of source address validation since March 2016.
We've built up a reasonably large install-base of the open-source
client, and receive tests from 400-500 unique IPs per day. We're
posting reports with links to test outcomes on the spoofer website.
In particular, we've got summary statistics for each AS at:


If you know an operator for anyone on that list who has at least one
spoofable prefix, please feel free to reach out to them and let them
know. I've been sending emails to abuse contacts for nearly a year
now. Roughly 1/5 ASes I've contacted have fixed at least one problem.
The remediation we know about (automatically generated) is at:


In order to improve the notification emails, I'm also soliciting
configuration snippets from operators who have deployed source address
validation. If you have deployed SAV and wouldn't mind sharing
redacted configuration (privately is fine) including any necessary
platform details (such as vendor and operating system) we would
greatly appreciate it. We will aggregate and post configuration
snippets at https://spoofer.caida.org/


Is it me or NANOG's AS allowing spoofing?