Session Report

Summary:

Test run at: 2018-09-07 14:39:52 GMT
Client Prefix (v4): 5.189.187.x/24
Client AS (v4): 51167 (CONTABO)
IPv4 Probes: 124
Client Prefix (v6): 2a02:c207:xx::/40
Client AS (v6): 51167 (CONTABO)
IPv6 Probes: 82

Outbound spoofing summary (from the client to our server)
Source address type	IPv4		IPv6
Private - RFC1918 or ULA	blocked		blocked
Routable	received		received
Largest spoofable neighbor prefix length	/8		/24

Spoof status key
received		Spoofed packet was received.	✔	Pattern of tests from this IP block indicates a switch from allowing spoofing to blocking it.
rewritten		Spoofed packet was received, but the source address was changed en route.
blocked		Spoofed packet was not received, but unspoofed packet was.
unknown		Neither spoofed nor unspoofed packet was received.

IPv4 Adjacent Netblock Testing:

Your host (5.189.187.x/24) can spoof 16777215 neighboring addresses (within your /8 prefix)

Spoofed source address (anon)	Prefix Length	ASN of spoofed source address	Received
5.189.187.x/24	/31	51167	yes
5.189.187.x/24	/30	51167	sendto
5.189.187.x/24	/29	51167	yes
5.189.187.x/24	/28	51167	yes
5.189.187.x/24	/27	51167	yes
5.189.187.x/24	/26	51167	sendto
5.189.187.x/24	/25	51167	yes
5.189.187.x/24	/24	51167	yes
5.189.186.x/24	/23	51167	yes
5.189.185.x/24	/22	51167	yes
5.189.191.x/24	/21	51167	yes
5.189.179.x/24	/20	51167	yes
5.189.171.x/24	/19	51167	yes
5.189.155.x/24	/18	51167	yes
5.189.251.x/24	/17	44050	yes
5.189.59.x/24	/16	12668	yes
5.188.187.x/24	/15	44050	yes
5.191.187.x/24	/14	31721	yes
5.185.187.x/24	/13	5617	yes
5.181.187.x/24	/12	UNROUTED	no
5.173.187.x/24	/11	39603	yes
5.157.187.x/24	/10	197476	yes
5.253.187.x/24	/9	UNROUTED	no
5.61.187.x/24	/8	58243	yes

Meaning of status in Received column:

no	Packets spoofed from adjacent netblock were not received, probably due to blocking
yes	Packets spoofed from adjacent netblock were received
yes	Packets spoofed from adjacent netblock were received (but that netblock is within the source AS)
sendto	The spoofer client was unable to send spoofed headers due to an operating system restriction.

IPv4 Outbound Filtering Depth:

The tracefilter test found your host able to spoof routable, non-adjacent source addresses through the first 10 IP hop(s).

IPv6 probes:

Spoofed source address	Destination	Received
2001:48d0:101:501:ec4:7aff:fea8:71a8	2001:48d0:101:501::242	yes
2001:4978:1fb:6400::d2	2001:48d0:101:501::242	no
2001:49aa:111:aa00::11	2001:48d0:101:501::242	yes
fd11:1111:1111::1111	2001:48d0:101:501::242	no

IPv6 Adjacent Netblock Testing:

Spoofed source address (anon)	Prefix Length	ASN of spoofed source address	Received
2a02:c207:xx::/40	/120	51167	sendto
2a02:c207:xx::/40	/112	51167	yes
2a02:c207:xx::/40	/104	51167	yes
2a02:c207:xx::/40	/96	51167	yes
2a02:c207:xx::/40	/88	51167	yes
2a02:c207:xx::/40	/80	51167	sendto
2a02:c207:xx::/40	/72	51167	yes
2a02:c207:xx::/40	/64	51167	sendto
2a02:c207:xx::/40	/56	51167	yes
2a02:c207:xx::/40	/48	51167	yes
2a02:c207:xx::/40	/40	51167	yes
2a02:c207:80xx::/40	/32	51167	yes
2a02:c287:xx::/40	/24	198725	yes
2a02:4207:xx::/40	/16	UNROUTED	no

Meaning of status in Received column:

no	Packets spoofed from adjacent netblock were not received, probably due to blocking
yes	Packets spoofed from adjacent netblock were received
yes	Packets spoofed from adjacent netblock were received (but that netblock is within the source AS)
sendto	The spoofer client was unable to send spoofed headers due to an operating system restriction.

Summary:

The results from all tests are aggregated to produce a summary "State of IP Spoofing" report.

Feedback:

We welcome questions and feedback to the Spoofer Information Mailing List and invite users to join the Spoofer Users Mailing List for discussion and announcements.