Re: TCP-AMP DDoS Attack - Fake abuse reports problem

["Jean | ddostest.me via NANOG" <nanog () nanog org>]

It doesn't sound to be a real amplification.. If it is, can anyone 
provide the amplification factor? 1x?

It sounds more like a TCP spoofing.

Jean

On 2020-02-20 18:22, Töma Gavrichenkov wrote:
> Peace,
>
> On Fri, Feb 21, 2020, 1:57 AM Filip Hruska <fhr () fhrnet eu 
> <mailto:fhr () fhrnet eu>> wrote:
>
>     [..] OVH has been offering DDOS protection capable of soaking up
>     hundreds of gigabits+ per second as a standard with all their
>     services for a long time
>
> They only do it for common trivial vectors like UDP-based 
> amplification — and other types easily handleable through flowspec.
>
> Which is honestly not their fault because they try to keep their costs 
> down.  (Other means to keep the costs down may be of concern of Ronald 
> G. though, but that's a different story.)
>
> However, TCP amplification is not of that sort.
>
> --
> Töma