[192296] in North American Network Operators' Group
Re: Death of the Internet, Film at 11
daemon@ATHENA.MIT.EDU (John Levine)
Mon Oct 24 16:59:34 2016
X-Original-To: nanog@nanog.org
Date: 24 Oct 2016 12:40:28 -0000
From: "John Levine" <johnl@iecc.com>
To: nanog@nanog.org
In-Reply-To: <580E64E0.9090907@vaxination.ca>
Errors-To: nanog-bounces@nanog.org
>Dumb question:
>
>If some camera, vaccum cleaner, toothbrush or refrigirator is behind
>NAT, can it do IP spoofing ? Won't the "from" address be replaced by
>the CPE router with the proper IP address assigned to that customer so
>that on the Internet itself, that packet will travel with a real IP
>routable back to the CPE ?
Depends on the way the NAT box works. But since Dyn-style attacks
don't use IP spoofing, it doesn't really matter.
>Could mobile phones become a source of such attacks ?
Depends both on the phone and on the network. But since Dyn-style
attacks don't use IP spoofing, it doesn't really matter.
>If the number of infected devices in eastern USA is insufficient to have
>caused that DDoS, can one infer that the attack used an actual IP
>address instead of the anycast one in order to target the the eastern USA
>hosts irrespective of the location of the infected device ?
No. Anycast addresses are real IP addresses. There isn't a "real"
address to attack.
R's,
John
