GoDaddy : DDoS : : Contact

Mel Beckman mel at beckman.org
Mon Aug 3 12:40:49 UTC 2015


John,

What would be the point of spoofing the source IPs to be identical? You're just making the attack trivial to block.  Plus you could never do any kind of TCP session attack, since you can't complete a handshake. I would have to call this sort of attack a LAAADDoS (Lame Attempt At A DDoS). :)

 -mel beckman

On Aug 2, 2015, at 10:11 PM, John Levine <johnl at iecc.com> wrote:

>>> DDoS = multiple IPs
>>> 
>>> DoS = single IP
>> 
>> It seems most people colloquially use DDoS for both, and reserve DoS for 
>> magic-packet blocking exploits like the latest BIND CVE, FYI.
> 
> Given how easy it still is to put a fake source address in an IP
> packet, it seems optimistic to assume that just because the packets
> all have the same return address, they're actually coming from the
> same place.
> 
> R's,
> John



More information about the NANOG mailing list