Krebs on Security booted off Akamai network after DDoS attack proves pricey
johnl at iecc.com
Mon Sep 26 15:56:49 UTC 2016
>>That paper is about reflection attacks. From what I've read, this was
>>not a reflection attack. The IoT devices are infected with botware
>>which sends attack traffic directly. Address spoofing is not particularly
>>useful for controlling botnets.
>But that's not only remaining use of source address spoofing in direct
>attacks, no? Even if reflection and amplification are not used, spoofing
>can still be used for obfuscation.
I agree that it would be nice if more networks did ingress filtering,
but if you're expecting a major decrease in evil, you will be
At this point it's mostly useful for identifying the guilty or
negligent parties afterwards.
More information about the NANOG