nanog mailing list archives
Re: Is malicious asymmetrical routing still a thing?
From: William Herrin <bill () herrin us>
Date: Thu, 9 Mar 2023 17:34:25 -0800
On Thu, Mar 9, 2023 at 5:12 PM William Herrin <bill () herrin us> wrote:
It's trivial to turn a $5 VPS into a disposable VPN head-end that can spray TCP SYN packets at a modest rate, and once the packet is on the backbone somewhere in the world not only can't you do anything about it, it's just on the near side of impossible to figure out where it originally entered.
Come to think of it, there are probably botnets for rent where the "owner" has verified non-compliance with BCP38 and will arrange for X number of fresh machines spread across everywhere to VPN into your server and pass packets for you. Why not bring in a little extra cash while waiting for the next DDOS target? Particularly when the packets emitted are unlikely to be traceable to the bot. Regards, Bill Herrin -- For hire. https://bill.herrin.us/resume/
Current thread:
- Is malicious asymmetrical routing still a thing? John Levine (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Aaron1 (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? William Herrin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Jon Lewis (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Grant Taylor via NANOG (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Mark Tinka (Mar 12)
- Re: Is malicious asymmetrical routing still a thing? William Herrin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Christopher Munz-Michielin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Christopher Morrow (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Grant Taylor via NANOG (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? William Herrin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? William Herrin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Aaron1 (Mar 09)