[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GoDaddy : DDoS : : Contact

Subject: GoDaddy : DDoS : : Contact
From: rdobbins at arbor.net (Roland Dobbins)
Date: Mon, 03 Aug 2015 19:51:23 +0700
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

On 3 Aug 2015, at 19:40, Mel Beckman wrote:

> What would be the point of spoofing the source IPs to be identical? 
> You're just making the attack trivial to block.

Attackers do strange things all the time.

Most endpoint organizations don't have any way to detect/classify DDoS 
traffic, so they've no idea how to block it.

Plus, it can asymmetrically strain load-balanced server instances, 
links, et. al.

Most DDoS attacks don't involve TCP and 3-way handshakes.  That isn't to 
say they aren't common, but one oughtn't to assume that having the 
ability to do so is a prerequisite for an attacker.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>

References:
- GoDaddy : DDoS :: Contact
  - From: rdobbins at arbor.net (Roland Dobbins)
- GoDaddy : DDoS : : Contact
  - From: johnl at iecc.com (John Levine)
- GoDaddy : DDoS : : Contact
  - From: mel at beckman.org (Mel Beckman)

Prev by Date: GoDaddy : DDoS : : Contact
Next by Date: GoDaddy : DDoS : : Contact
Previous by thread: GoDaddy : DDoS : : Contact
Next by thread: GoDaddy : DDoS : : Contact
Index(es):
- Date
- Thread