Session Report
Summary:
Test run at: 2017-10-16 18:46:58 GMT
Client Prefix (v4): 81.205.239.x/24
Client AS (v4): 1136 (KPN)
IPv4 Probes: 105
Client Prefix (v6): 2a02:a443:c8xx::/40
Client AS (v6): 1136 (KPN)
IPv6 Probes: 68
| Outbound spoofing summary (from the client to our server) |
|---|
| Source address type |
IPv4 | IPv6 |
|---|
| Private -
RFC1918 or ULA |
rewritten | blocked |
| Routable |
rewritten | blocked |
| Largest spoofable neighbor prefix length |
none | /48 |
| Spoof status key |
|---|
| received | Spoofed packet was received. | ✔ | Pattern of tests from this IP block indicates a switch from allowing spoofing to blocking it. |
| rewritten | Spoofed packet was received, but the source address was changed en route. |
| blocked | Spoofed packet was not received, but unspoofed packet was. |
| unknown | Neither spoofed nor unspoofed packet was received. |
Warnings:
- ⚠️ Your host is behind a Network Address Translation (NAT) router or firewall which rewrites the source addresses of the test traffic. To test your provider's network further, you must remove the NAT/firewall/router and connect directly.
IPv4 Adjacent Netblock Testing:
Your host (81.205.239.x/24) can spoof 0 neighboring addresses
| Spoofed source address (anon) | Prefix
Length | ASN of spoofed
source address | Received |
|---|
| 81.205.239.x/24 | /31 | 1136 | rewritten |
| 81.205.239.x/24 | /30 | 1136 | rewritten |
| 81.205.239.x/24 | /29 | 1136 | rewritten |
| 81.205.239.x/24 | /28 | 1136 | rewritten |
| 81.205.239.x/24 | /27 | 1136 | rewritten |
| 81.205.239.x/24 | /26 | 1136 | rewritten |
| 81.205.239.x/24 | /25 | 1136 | rewritten |
| 81.205.239.x/24 | /24 | 1136 | rewritten |
| 81.205.238.x/24 | /23 | 1136 | rewritten |
| 81.205.237.x/24 | /22 | 1136 | rewritten |
| 81.205.235.x/24 | /21 | 1136 | rewritten |
| 81.205.231.x/24 | /20 | 1136 | rewritten |
| 81.205.255.x/24 | /19 | 1136 | rewritten |
| 81.205.207.x/24 | /18 | 1136 | rewritten |
| 81.205.175.x/24 | /17 | 1136 | rewritten |
| 81.205.111.x/24 | /16 | 1136 | rewritten |
| 81.204.239.x/24 | /15 | 1136 | rewritten |
| 81.207.239.x/24 | /14 | 1136 | rewritten |
| 81.201.239.x/24 | /13 | 12923 | rewritten |
| 81.197.239.x/24 | /12 | 719 | rewritten |
| 81.221.239.x/24 | /11 | 1836 | rewritten |
| 81.237.239.x/24 | /10 | 3301 | rewritten |
| 81.141.239.x/24 | /9 | 2856 | rewritten |
| 81.77.239.x/24 | /8 | 5388 | rewritten |
Meaning of status in Received column:
| rewritten | The source address of the probe packets we received differs from the spoofed address. It appears that an intermediate device is rewriting your packet headers. |
IPv4 Outbound Filtering Depth:
The tracefilter test found your host
able to spoof routable, non-adjacent source addresses through the
first 1 IP hop(s).
IPv6 probes:
| Spoofed source address | Destination | Received
|
|---|
IPv6 Adjacent Netblock Testing:
| Spoofed source address (anon) | Prefix
Length | ASN of spoofed
source address | Received |
|---|
| 2a02:a443:c8xx::/40 | /120 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /112 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /104 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /96 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /88 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /80 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /72 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /64 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /56 | 1136 | yes |
| 2a02:a443:c8xx::/40 | /48 | 1136 | yes |
Meaning of status in Received column:
| yes | Packets spoofed from adjacent netblock were received (but that netblock is within the source AS) |
Summary:
The results from all tests are aggregated to produce a summary
"State of IP Spoofing" report.
Feedback:
We welcome questions and feedback to the Spoofer Information Mailing List
and invite users to join the Spoofer
Users Mailing List for discussion and announcements.
