 |
|
|
|
|
|
|
|
|
|
|
| • |
Perpetrator
has T1 bandwidth available (typically a cracked
|
|
account), and
uses half of it (768 Kbps) to send spoofed
|
|
|
packets, half
to bounce site 1, half to bounce site 2
|
|
|
| • |
Bounce site 1
has a switched co-location network of 80
|
|
|
hosts and T3
connection to net
|
|
|
| • |
Bounce site 2
has a switched co-location network of 100
|
|
|
hosts and T3
connection to net
|
|
|
| • |
(384 Kbps * 80
hosts) = 30 Mbps outbound traffic for
|
|
|
bounce site 1
|
|
|
| • |
(384 Kbps *
100 hosts) = 37.5 Mbps outbound traffic for
|
|
|
bounce site 2
|
|
|
| • |
Victim is
pounded with 67.5 Mbps (!) from half a T1!
|
|
