[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GoDaddy : DDoS : : Contact

Subject: GoDaddy : DDoS : : Contact
From: mel at beckman.org (Mel Beckman)
Date: Mon, 3 Aug 2015 12:40:49 +0000
In-reply-to: <[email protected]>
References: <[email protected]>, <[email protected]>

John,

What would be the point of spoofing the source IPs to be identical? You're just making the attack trivial to block.  Plus you could never do any kind of TCP session attack, since you can't complete a handshake. I would have to call this sort of attack a LAAADDoS (Lame Attempt At A DDoS). :)

 -mel beckman

On Aug 2, 2015, at 10:11 PM, John Levine <johnl at iecc.com> wrote:

>>> DDoS = multiple IPs
>>> 
>>> DoS = single IP
>> 
>> It seems most people colloquially use DDoS for both, and reserve DoS for 
>> magic-packet blocking exploits like the latest BIND CVE, FYI.
> 
> Given how easy it still is to put a fake source address in an IP
> packet, it seems optimistic to assume that just because the packets
> all have the same return address, they're actually coming from the
> same place.
> 
> R's,
> John

Follow-Ups:
- GoDaddy : DDoS : : Contact
  - From: rdobbins at arbor.net (Roland Dobbins)
- GoDaddy : DDoS : : Contact
  - From: A.L.M.Buxey at lboro.ac.uk (A.L.M.Buxey at lboro.ac.uk)
- GoDaddy : DDoS : : Contact
  - From: list at satchell.net (Stephen Satchell)

References:
- GoDaddy : DDoS :: Contact
  - From: rdobbins at arbor.net (Roland Dobbins)
- GoDaddy : DDoS : : Contact
  - From: johnl at iecc.com (John Levine)

Prev by Date: Quakecon: Network Operations Center tour
Next by Date: GoDaddy : DDoS : : Contact
Previous by thread: GoDaddy : DDoS : : Contact
Next by thread: GoDaddy : DDoS : : Contact
Index(es):
- Date
- Thread