nanog mailing list archives

RE: UDP port 80 DDoS attack

From: George Bonser <gbonser () seven com>
Date: Wed, 8 Feb 2012 08:04:42 +0000

-----Original Message-----
From: bas 
Sent: Tuesday, February 07, 2012 11:56 PM
To: Dobbins, Roland; nanog
Subject: Re: UDP port 80 DDoS attack

Say eyeball provider X has implemented automated S/RTBH, and I have a
grudge against them.
I would simply DoS a couple of the subscribers *with spoofed source IP*
addresses from google, youtube, netflow and hulu.
The automated S/RTBH drops all packets coming from those IP addresses.
Presto; many angry consumers call the ISP's helpdesk.


Comes back to providers allowing "spoofed" traffic into their networks from customers.  That seems to me to be the 
low-hanging fruit here.

Current thread:

Re: UDP port 80 DDoS attack, (continued)
- Re: UDP port 80 DDoS attack Keegan Holley (Feb 05)
  - Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
    - Re: UDP port 80 DDoS attack Keegan Holley (Feb 05)
    - Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
    - Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
    - Re: UDP port 80 DDoS attack Keegan Holley (Feb 05)
    - Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
    - Re: UDP port 80 DDoS attack Keegan Holley (Feb 05)
    - Re: UDP port 80 DDoS attack Dobbins, Roland (Feb 05)
    - Re: UDP port 80 DDoS attack bas (Feb 07)
    - RE: UDP port 80 DDoS attack George Bonser (Feb 08)
    - Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
    - RE: UDP port 80 DDoS attack George Bonser (Feb 08)
    - Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
    - RE: UDP port 80 DDoS attack George Bonser (Feb 08)
    - RE: UDP port 80 DDoS attack George Bonser (Feb 08)
    - Re: UDP port 80 DDoS attack bas (Feb 08)
    - RE: UDP port 80 DDoS attack George Bonser (Feb 08)
    - Re: UDP port 80 DDoS attack Keegan Holley (Feb 08)
    - RE: UDP port 80 DDoS attack Drew Weaver (Feb 08)
    - RE: UDP port 80 DDoS attack Sven Olaf Kamphuis (Feb 09)

(Thread continues...)