Is malicious asymmetrical routing still a thing?

• Previous message (by thread): Is malicious asymmetrical routing still a thing?
• Next message (by thread): Request for additional data points
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Mar 9, 2023 at 5:12 PM William Herrin <bill at herrin.us> wrote:
> It's trivial to turn a $5 VPS into a disposable VPN head-end that can
> spray TCP SYN packets at a modest rate, and once the packet is on the
> backbone somewhere in the world not only can't you do anything about
> it, it's just on the near side of impossible to figure out where it
> originally entered.

Come to think of it, there are probably botnets for rent where the
"owner" has verified non-compliance with BCP38 and will arrange for X
number of fresh machines spread across everywhere to VPN into your
server and pass packets for you. Why not bring in a little extra cash
while waiting for the next DDOS target? Particularly when the packets
emitted are unlikely to be traceable to the bot.

Regards,
Bill Herrin



-- 
For hire. https://bill.herrin.us/resume/

• Previous message (by thread): Is malicious asymmetrical routing still a thing?
• Next message (by thread): Request for additional data points
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]