This document discusses detecting spoofing at internet exchange points (IXPs). It begins by providing background on Cloudflare and some statistics on their global network. It then discusses how spoofing allows very small requests to become large distributed denial of service (DDoS) attacks. The document outlines Cloudflare's IXPantiSpoofer script, which matches MAC addresses from an IXP to autonomous system (AS) numbers to detect spoofing. It encourages improving detection methods and argues that IXPs could help alert members to misconfigurations and isolate malicious traffic, improving security for all members.