Do you run a network? Do you secure an organization? Do you build applications? Do you want DDoS Attacks to be easy? Of course not! Everyone running, securing, or building something on the Internet does not want it easy to attack that service. We’re asking people to load the Spoofer application to Fight DDoS. Loading Spoofer on your computer would help determine if your network and other networks are following the best common practices (BCPs) to minimize the risk to the Internet.
Does your download and running Spoofer matter? Yes! DDoS Miscreants thrive on the ability to spoof IP addresses. The Six Charged in Mass Takedown of DDoS-for-Hire Sites by a multinational law enforcement action are the types of abuse Spoofer measures and publicizes.
Watch this youtube video to find out more:
Spoofer looks for two types of spoofing risk:
- Is your network allowing spoofed source IPs and endangering the Internet? These spoofed packets are used to attack others on the Internet.
- Is your network vulnerable to a spoofed IP attack? Many organizations create internal security access lists only to allow source IPs that belong to their network. This is good “IF” the organization blocks the source IPs from the Internet. Otherwise, a threat actor can spoof your IPs and bypass your ACLs.
Spoofer is free, secure, and part of a community program anchored in the Center for Applied Internet Data Analysis based at the University of California’s San Diego Supercomputer Center (CAIDA).
Yes, you can see who is spoofing on the Internet! The Spoofer project displays which networks are allowing spoofed packets and which are protecting the Internet. You can see the data from two key sources:
- CAIDA’s Spoofer Project
- Shadowserver’s IP Spoofer Events Report (that uses the CAIDA data)
Your download and running Spoofer widens the communities ability to block threat actors from Spoofed attacks. Ask your family and friends to download and use Spoofer. Spoofer wakes up every time it sees a new network. People who move around and plugin into different parts of the Internet contribute enable’s more comprehensive IP Spoof measurements that help Operators plug holes in their defenses.
Are you looking for more practical, public-service Security Advice?
- You can sign up for the mailing list for updates here: Stay Connected with Senki’s Updates.
- Subscribe to Senki’s YOUTUBE Channel for videos on this and other security topics.
- Ask questions to Barry Greene – email@example.com
The materials and guides posted on www.senki.org here are designed to help organizations leverage the talent around them to get started with their security activities. Start with the Operator’s Security Toolkit and Meaningful Security Conversations with your Vendors. Each is no-nonsense security for all Operators. It provides details to help them build more security-resilient networks. In the meantime, stay connected to the Senki Community to get updates on new empowerment and security insights.