FreeBSD Security Advisory FreeBSD-SA-14:19.tcp
Mark Felder
feld at FreeBSD.org
Tue Sep 16 13:49:10 UTC 2014
On Tue, Sep 16, 2014, at 08:20, Lowell Gilbert wrote:
>
> Spoofing traffic is pretty easy. The reason it isn't generally a problem
> is that knowing what to spoof is more difficult. [I assume that's what
> feld@ actually meant, but it's an important distinction.]
>
How many AS are out there don't implement BCP38? Spoofing these days
without MITM should be considered hard, and TCP even harder, no? I'd
find it more believable that it's easier to hijack BGP than to target
someone and successfully spoof TCP.
Maybe I'm just naive and haven't seen this behavior in the wild during
my time working at an ISP :-)
More information about the freebsd-security
mailing list