Krebs on Security booted off Akamai network after DDoS attack proves pricey

John Levine johnl at iecc.com
Mon Sep 26 15:56:49 UTC 2016


>>That paper is about reflection attacks.  From what I've read, this was 
>>not a reflection attack.  The IoT devices are infected with botware 
>>which sends attack traffic directly.  Address spoofing is not particularly 
>>useful for controlling botnets.  
>
>But that's not only remaining use of source address spoofing in direct 
>attacks, no?  Even if reflection and amplification are not used, spoofing 
>can still be used for obfuscation.

I agree that it would be nice if more networks did ingress filtering,
but if you're expecting a major decrease in evil, you will be
disappointed.

At this point it's mostly useful for identifying the guilty or
negligent parties afterwards.

R's,
John



More information about the NANOG mailing list