> Thanks. I see the concept when you are in a LAN. But with a WAN, I can't see > how you can accomplish this. For example: ip public source address is 1.1.1.1, > destination public ip address is 2.2.2.2 and attacker ip public address is > 3.3.3.3. To establish communications between these three elements, there are > several routers between them to route packets. What I don't see is how when > attacker sends packets to 2.2.2.2 using source public ip address 1.1.1.1, > routers between all elements resturns these packets to attacker (which has > 3.3.3.3 ip address) .... >
Attacker can also announce a more specific prefix with BGP on the Internet and "suck" trafic towards its own infrastructure.
