North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: BCP38 making it work, solving problems
- From: Patrick W Gilmore
- Date: Tue Oct 12 13:27:45 2004
On Oct 12, 2004, at 12:50 PM, Bora Akyol wrote:
2.3. For a DDoS attack to succeed more than once, the launch points
remain anonymous. Therefore, forged IP source addresses are used.
the victim's point of view, a DDoS attack seems to come from
at once, even from many IP addresses that are unallocated or
How many people have seen "forged" spoofed IP addresses being used
for DOS attacks lately?
Not saying that I have not see non-forged DoS attacks too, or even
which is more common, just saying they exist, are happening today, and
cause non-trivial problems for some providers.
From my _personal_ experience (not my company, not a scientific
sampling), it appears non-spoofed sources are a bigger problem. But
ignoring spoofed sources would be a mistake, IMHO.