Combined with IP source address spoofing, it would probably help greatly with DD... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		plingbang on Dec 5, 2023 \| parent \| context \| favorite \| on: Show HN: How did your computer reach my server? Combined with IP source address spoofing, it would probably help greatly with DDoS amplification attacks while only saving up <50% packets for good users. If you care about time rather than packet count, you can send packets with all reasonable TTL values at once.

kazinator on Dec 5, 2023 [–]

Oh no question; the amplification is concerning. Send one packet, get 19 responses, versus having to send 19 packets to get 19 responses: it's a "gain" of 19 to 1.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact