Re: GoDaddy : DDoS : : Contact

[Mel Beckman <mel () beckman org>]

John,

What would be the point of spoofing the source IPs to be identical? You're just making the attack trivial to block.  
Plus you could never do any kind of TCP session attack, since you can't complete a handshake. I would have to call this 
sort of attack a LAAADDoS (Lame Attempt At A DDoS). :)

 -mel beckman

On Aug 2, 2015, at 10:11 PM, John Levine <johnl () iecc com> wrote:

> > > DDoS = multiple IPs
> > >
> > > DoS = single IP
> >
> > It seems most people colloquially use DDoS for both, and reserve DoS for 
> > magic-packet blocking exploits like the latest BIND CVE, FYI.
>
> Given how easy it still is to put a fake source address in an IP
> packet, it seems optimistic to assume that just because the packets
> all have the same return address, they're actually coming from the
> same place.
>
> R's,
> John