Death of the Internet, Film at 11

Jean-Francois Mezei jfmezei_nanog at
Mon Oct 24 19:45:36 UTC 2016

Dumb question:

If some camera, vaccum cleaner, toothbrush or refrigirator is behind
NAT, can it do IP spoofing ?  Won't the "from" address be replaced by
the CPE router with the proper IP address assigned to that customer so
that on the Internet itself, that packet will travel with a real IP
routable back to the CPE ?

Could mobile phones become a source of such attacks ? Depending on
subscription, many are given actiual internet IPs and not NATted, so
they could theoretically send packets with spoofed IPs. (would likely
require rooted android phones, and how many of those are there ?)

Second dumb question:

If the number of infected devices in eastern USA is insufficient to have
caused that DDoS, can one infer that the attack used an actual IP
address instead of the anycast one in order to target the the easter USA
hosts irrespective of the location of the infected device ?

Could one operate such a host with the "real" IP address in a subnet
that has its own BGP announcement, and when there is an attack, one
would change the real IP to a different IP address in a different
subnet, and drop the route announcement for the first subnet (making
those attack packets unroutable at the origin). Is that a viable counter
measure ?

More information about the NANOG mailing list