> This is related to SSDP / UPNP and is a UDP amplification attack similar to > the DNS and SNMP UDP attacks. Basically someone forges an IP source on a udp > packet and sends it to port 1900 on the router and the router sends some > larger amount of data back to the forged ip.
>>>Basically someone forges an IP source on a udp packet Shouldn't most ISP's block packets leaving there network with incorrect source IP's?
