Death of the Internet, Film at 11

John Levine johnl at iecc.com
Mon Oct 24 12:40:28 UTC 2016


>Dumb question:
>
>If some camera, vaccum cleaner, toothbrush or refrigirator is behind
>NAT, can it do IP spoofing ?  Won't the "from" address be replaced by
>the CPE router with the proper IP address assigned to that customer so
>that on the Internet itself, that packet will travel with a real IP
>routable back to the CPE ?

Depends on the way the NAT box works.  But since Dyn-style attacks
don't use IP spoofing, it doesn't really matter.

>Could mobile phones become a source of such attacks ?

Depends both on the phone and on the network.  But since Dyn-style
attacks don't use IP spoofing, it doesn't really matter.

>If the number of infected devices in eastern USA is insufficient to have
>caused that DDoS, can one infer that the attack used an actual IP
>address instead of the anycast one in order to target the the eastern USA
>hosts irrespective of the location of the infected device ?

No.  Anycast addresses are real IP addresses.  There isn't a "real"
address to attack.

R's,
John


More information about the NANOG mailing list