Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
Session Report

Test run at: 2017-10-02 19:17:45 GMT
Client Prefix (v4): 109.81.208.x/24
Client AS (v4): 5610 (O2-CZECH-REPUBLIC)
IPv4 Probes: 118
Client Prefix (v6): 2a00:1028:83xx::/40
Client AS (v6): 5610 (O2-CZECH-REPUBLIC)
IPv6 Probes: 77

Egress spoofing summary
Address type IPv4IPv6
Private rewrittenblocked
Routable rewrittenblocked
Largest spoofable neighbor prefix none/64

Warnings:

  • Your host is behind a Network Address Translation (NAT) router or firewall which rewrites the source addresses of the test traffic. To test your provider's network further, you must remove the NAT/firewall/router and connect directly.

    IPv4 AS Route:

    This test run probed the following paths in order to infer your ability to send different spoofed source packets. Each node in the graph corresponds to an autonomous system, i.e. different Internet service providers. NOTE: This graph does NOT show if an AS blocks spoofed packets, only the path taken by received spoofed packets. The IP Path Details are available for this run.
    
    

    IPv4 Adjacent Netblock Testing:

    Your host (109.81.208.x/24) can spoof 0 neighboring addresses


    Spoofed IP (anon)Prefix
    Length
    ASN of
    Spoofed IP
    Received
    109.81.208.x/24/315610rewritten
    109.81.208.x/24/305610rewritten
    109.81.208.x/24/295610rewritten
    109.81.208.x/24/285610rewritten
    109.81.208.x/24/275610rewritten
    109.81.208.x/24/265610rewritten
    109.81.208.x/24/255610rewritten
    109.81.208.x/24/245610rewritten
    109.81.209.x/24/235610rewritten
    109.81.210.x/24/225610rewritten
    109.81.212.x/24/215610rewritten
    109.81.216.x/24/205610rewritten
    109.81.192.x/24/195610rewritten
    109.81.240.x/24/185610rewritten
    109.81.144.x/24/175610rewritten
    109.81.80.x/24/165610rewritten
    109.80.208.x/24/155610rewritten
    109.83.208.x/24/1435819rewritten
    109.85.208.x/24/133209rewritten
    109.89.208.x/24/1212392rewritten
    109.65.208.x/24/118551rewritten
    109.113.208.x/24/1030722rewritten
    109.17.208.x/24/915557rewritten
    109.209.208.x/24/83215rewritten

    Meaning of status in Received column:

    rewrittenThe source address of the probe packets we received differs from the spoofed address. It appears that an intermediate device is rewriting your packet headers.

    IPv4 Egress Filtering Depth:

    The tracefilter test found your host unable to spoof routable, non-adjacent source addresses through even the first IP hop.
    IPv6 probes:
    Spoofed IPDestinationReceived
    2001:4978:1fb:6400::d22001:388:1:5001:21c:c0ff:fea2:4a3ano
    2001:49aa:111:aa00::112001:388:1:5001:21c:c0ff:fea2:4a3ano
    fd11:1111:1111::11112001:388:1:5001:21c:c0ff:fea2:4a3ano
    2001:4978:1fb:6400::d22001:410:102:1::78no
    2001:49aa:111:aa00::112001:410:102:1::78no
    fd11:1111:1111::11112001:410:102:1::78no
    2001:4978:1fb:6400::d22001:410:90ff::5no
    2001:49aa:111:aa00::112001:410:90ff::5no
    fd11:1111:1111::11112001:410:90ff::5no
    2001:4978:1fb:6400::d22001:48d0:101:501::242no
    2001:49aa:111:aa00::112001:48d0:101:501::242no
    fd11:1111:1111::11112001:48d0:101:501::242no
    2001:4978:1fb:6400::d22001:48d0:101:501::247no
    2001:49aa:111:aa00::112001:48d0:101:501::247no
    fd11:1111:1111::11112001:48d0:101:501::247no
    2001:4978:1fb:6400::d22001:610:510:115:192:42:115:98no
    2001:49aa:111:aa00::112001:610:510:115:192:42:115:98no
    fd11:1111:1111::11112001:610:510:115:192:42:115:98no
    2001:4978:1fb:6400::d22001:630:212:225:225:90ff:fe0c:45a6no
    2001:49aa:111:aa00::112001:630:212:225:225:90ff:fe0c:45a6no
    fd11:1111:1111::11112001:630:212:225:225:90ff:fe0c:45a6no
    2001:4978:1fb:6400::d22001:708:40:2001:21c:c0ff:fea2:4c5cno
    2001:49aa:111:aa00::112001:708:40:2001:21c:c0ff:fea2:4c5cno
    fd11:1111:1111::11112001:708:40:2001:21c:c0ff:fea2:4c5cno
    2001:4978:1fb:6400::d22001:770:18:7:225:90ff:fe0c:acb4no
    2001:49aa:111:aa00::112001:770:18:7:225:90ff:fe0c:acb4no
    fd11:1111:1111::11112001:770:18:7:225:90ff:fe0c:acb4no
    IPv6 Adjacent Netblock Testing:
    Spoofed IP (anon)Prefix
    Length
    ASN of
    Spoofed IP
    Received
    2a00:1028:83xx::/40/1205610yes
    2a00:1028:83xx::/40/1125610yes
    2a00:1028:83xx::/40/1045610yes
    2a00:1028:83xx::/40/965610yes
    2a00:1028:83xx::/40/885610yes
    2a00:1028:83xx::/40/805610yes
    2a00:1028:83xx::/40/725610yes
    2a00:1028:83xx::/40/645610yes
    2a00:1028:83xx::/40/565610no
    2a00:1028:83xx::/40/485610no
    2a00:1028:83xx::/40/405610no
    2a00:1028:3xx::/40/325610no
    2a00:10a8:83xx::/40/2439596no
    2a00:9028:83xx::/40/16UNROUTEDno

    Meaning of status in Received column:

    noPackets spoofed from adjacent netblock were not received, probably due to blocking
    yesPackets spoofed from adjacent netblock were received (but that netblock is within the source AS)
    Summary:
    The results from all tests are aggregated to produce a summary "State of IP Spoofing" report.
    Feedback:
    We welcome questions and feedback to the Spoofer Information Mailing List and invite users to join the Spoofer Users Mailing List for discussion and announcements.
      Last Modified: