/plushcap/analysis/cloudflare/the-root-cause-of-large-ddos-ip-spoofing

The real cause of large DDoS - IP Spoofing

What's this blog post about?

Large DDoS attacks are possible on the modern internet due to IP spoofing, a technique where an attacker sends IP packets with a fake source IP address. These attacks can be divided into direct and amplification types. Direct attacks involve sending traffic directly against a victim IP, while amplification attacks involve sending traffic to vulnerable UDP servers that reflect and amplify it by sending large responses to the unknowing victim. Both types of attack require IP spoofing. Effective filtering preventing IP spoofing can only be done on the edge of the network - at the last-mile ISPs. The internet community has recognized this issue and written down BCP38, which outlines how source IP filtering can prevent IP spoofing.

Company
Cloudflare

Date published
March 6, 2018

Author(s)
Marek Majkowski

Word count
1873

Language
English

Hacker News points
104


By Matt Makai. 2021-2024.