Peace, On Tue, Oct 27, 2020 at 9:35 AM Martin Thomson <[email protected]> wrote: > 25x amplification isn't anything to celebrate, but you might > say that the setup cost and other inherent limitations mean > that it is rarely that bad.
This is a price an attacker only needs to pay once. If this code leaks to one of the myriad Mirai forks available on Github, the cost would be effectively zero then. > Recommending that implementations limit the number > probes and the number of probed paths might then be > sufficient. _Recommendations_ never worked well for DDoS prevention in the past. I think Section 11.3 of RFC 7252 and what happened next is the most recent example of that. -- Töma
