It is spoofing, but it is also absolutely amplification. Look at the preso that Damien linked : https://www.usenix.org/conference/woot14/workshop-program/presentation/kuhrer
Hope that this doesn't become one of the 'services' that you provide! :) On Thu, Feb 20, 2020 at 6:40 PM Jean | ddostest.me via NANOG < nanog@nanog.org> wrote: > It doesn't sound to be a real amplification.. If it is, can anyone provide > the amplification factor? 1x? > > It sounds more like a TCP spoofing. > > Jean > On 2020-02-20 18:22, Töma Gavrichenkov wrote: > > Peace, > > On Fri, Feb 21, 2020, 1:57 AM Filip Hruska <f...@fhrnet.eu> wrote: > >> [..] OVH has been offering DDOS protection capable of soaking up hundreds >> of gigabits+ per second as a standard with all their services for a long >> time >> > They only do it for common trivial vectors like UDP-based amplification — > and other types easily handleable through flowspec. > > Which is honestly not their fault because they try to keep their costs > down. (Other means to keep the costs down may be of concern of Ronald G. > though, but that's a different story.) > > However, TCP amplification is not of that sort. > > -- > Töma > >>
