Krebs on Security booted off Akamai network after DDoS attack proves pricey

John Levine johnl at
Mon Sep 26 15:56:49 UTC 2016

>>That paper is about reflection attacks.  From what I've read, this was 
>>not a reflection attack.  The IoT devices are infected with botware 
>>which sends attack traffic directly.  Address spoofing is not particularly 
>>useful for controlling botnets.  
>But that's not only remaining use of source address spoofing in direct 
>attacks, no?  Even if reflection and amplification are not used, spoofing 
>can still be used for obfuscation.

I agree that it would be nice if more networks did ingress filtering,
but if you're expecting a major decrease in evil, you will be

At this point it's mostly useful for identifying the guilty or
negligent parties afterwards.


More information about the NANOG mailing list