Projects

Listed on this page are several projects operated by various colleges and other organizations which provide software you can use to test whether your Internet connection is already protected by BCP38 ingress filtering. While we have no particular reason not to trust any of these organizations, and most of the programs are available in source code so you can inspect them to make sure they themselves do no harm we must include the usual disclaimer:

We take no responsibility for these programs; if by using them, you break anything, you get to keep both pieces.

Certification/Verification

There are many projects you can contribute to.

• BCP38.info - (coming soon)

Our own simple tool, written in perl, to verify if your CPE, ISP or even Tier allow spoofed packet to reach its destination.

• Spoofer project - http://spoofer.csail.mit.edu

Working on creating a world map of where the internet is most susceptible to allowing packets with spoofed IP address to transit. This is a bit older, but still active, and it seems to work pretty well, collectiing quite a bit of data and sending it to project headquarters at MIT.

Identification

• Open Resolver Project - http://openresolverproject.org

Providing information on the state of Open DNS Resolvers -- a common target for the sort of attacts BCP38 makes more difficult -- and information on what to do about yours, if you have one.

Protection

And if you like coding and contributing new ideas:

• Bindguard - http://bindguard.activezone.de

A BIND Log scanner use to reduce the impact of your Open Resolver to Amplification attacks.