> Which is easier to shut down, an attack coming from a relatively small
> number of /16s that belong to the government, or one coming from the
> same number of source nodes scattered *all* over Comcast and Verizon
> and BT and a few other major providers?
>
> Hint 1: Consider the number of entry points into your network
> for the two cases, especially if you are heavily peered with one or more
> of the source ISPs.

The Federal Government (through its "Trusted Internet Connection" initiative) is trying to limit the number of entry points into the US Government networks. (As I recall, from 4000 interconnects to around 50, where both numbers have a high percentage of politics in the error bar.)