UDP port 80 DDoS attack

George Bonser gbonser at seven.com
Wed Feb 8 08:04:42 UTC 2012

> -----Original Message-----
> From: bas 
> Sent: Tuesday, February 07, 2012 11:56 PM
> To: Dobbins, Roland; nanog
> Subject: Re: UDP port 80 DDoS attack
> Say eyeball provider X has implemented automated S/RTBH, and I have a
> grudge against them.
> I would simply DoS a couple of the subscribers *with spoofed source IP*
> addresses from google, youtube, netflow and hulu.
> The automated S/RTBH drops all packets coming from those IP addresses.
> Presto; many angry consumers call the ISP's helpdesk.

Comes back to providers allowing "spoofed" traffic into their networks from customers.  That seems to me to be the low-hanging fruit here.

More information about the NANOG mailing list