On Thu, May 18, 2017 at 11:22:13AM +0300, marius(a)yo2loj.ro wrote:
> I still don't see how this is working, unless all routers on the way
> implement connection tracking (which is certainly not the case).
>
> So, they send out a spoofed package using a 44 address as origin and then
> what? The reply will never get back to them. Instead it will be routed to
> the proper real 44 endpoint, either directly for BGP-ed subnets, or via
> 44.0.0.1, to no end result.

One-way traffic appears to be used in DDoS attacks, where unanswered
traffic is not a hindrance - huge pings, TCP-opens, massive DNS queries,
router congestion, all of which use up resources on the victim computers
even though there is no expectation of a response.
Modern operating systems are much less vulnerable to such attacks, but they
still can affect a large number of the systems on the internet.
- Brian