> [...] >> >The benefit is that one cannot pinpoint the real attacker, of course. >> Isn't the same benefit provided by just forging the source address ? > If all the routers in the path play along... but then, they are all > broken.
There's also the fact that all those RST packets can come from all over
the place and they come from where they say they come.
So they're a lot more difficult to block, compared to packets with
a forged source address all coming from the same IP.
Stefan
