undefined | Better HN

0 pointsreacharavindh9y ago0 comments

Ah, (inter)networking 101. Thanks! Then, is there a way for the DNS providers to know the ultimate recepient at all? MAC address? (or does it get truncated at the lower levels and not passed over IP protocol?)

0 comments

jlgaddis9y ago

Nope. Assuming you have a router connecting your home network to your ISP, for example, the MAC addresses of your "internal" devices are not visible to the ISP. The only MAC address they see is the MAC address of your router's "WAN" interface.

The source/destination MAC addresses in an Ethernet frame (layer 2) are rewritten at every router (layer 3) hop. The original IP source/destination addresses in the IP packet, however, do not change (exception: NAT, which does exactly that).

Another problem -- in many (most?) DDoS attacks where UDP traffic is involved -- is that the source IP addresses are "spoofed". That is, IP packet that the victim receives says that it's coming from Alice but it really came from Bob. There are also "amplification" attacks, where an "innocent third-party" is used, unknowingly, to "help" perform the attack.

j / k navigate · click thread line to collapse

0 comments

jlgaddis9y ago

j / k navigate · click thread line to collapse