[e2e] DDoS attack vs. Spoofing of Source Address
Zhang Miao
zm at cernet.edu.cn
Tue Jan 17 16:40:15 PST 2006
Hi,
I just have a question related to DDoS Attack and Spoofing of Source Address.
It was common for the DDoS attack to utilize the spoofed source address
two years ago. And many people told me, it is botnets the main way
to launch DDoS attack, in which source address is not spoofed.
I'm just curious on the following questions:
(1) What's the situation of the DDoS attack nowadays? Is spoofing of
source address still a major reason for the DDoS attack?
(2) If most of DDoS attack has shift from using spoofing of source address to
using botnets, why such shift happens?
I suppose two reasons:
1) Ingress filter has been deployed in many ISPs, and attacker feel it's
hard to launch such attack now.
2) It's easier to launch attack with botnets than with spoofed source address.
But I am not sure about it.
(3) Is it easier to handle DDoS attack if the source address in the packet
is authentic?
I'm quite grateful to your answers.
Miao
*****************************************************************
* Zhang Miao *
* Ph.D, Assistant Professor, Network Research Center *
* Tsinghua University,Beijing,China(100084) *
* Tel: (8610)-62795818-6271 *
* Email: zm at cernet.edu.cn *
* Web: http://netarchlab.tsinghua.edu.cn/~zm *
*****************************************************************
More information about the end2end-interest
mailing list