Jump to content

Drdos Attack - How Do You Determine The Real Source Ip?


Kappea
 Share

Recommended Posts

Here's a question for you guys...

If a person's DNS server is being used as part of a Distributed Reflected Denial of Service attack (DRDOS), is there any way to determine the real IP address where the DNS requests are coming from?

Link to comment
Share on other sites

Technically yes but actually no.

You would have to monitor every router on the internet and determine which router got the spoofed packet first assuming that the first router it came from is not the same router that the legitimate source is on.

However, this is not possible because it is impossible to monitor at that level of detail within a single ISP let alone the whole internet.

Link to comment
Share on other sites

@Kapeea, I would recommend you reading this article.

http://www.esecurityplanet.com/features/ar...DoS-Attacks.htm

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...