On Sat, Dec 12, 2015 at 09:23:47AM -0800, Jim Shankland wrote: > Also, this jumped out at me: > > "The problem with the recent attack is that the originating IP > addresses were evenly distributed within the IPV4 universe," McAfee > says. "This is virtually impossible using spoofing." > > Am I missing something, or is an even distribution of originating IP > addresses virtually impossible *without* using spoofing?
I think it's quite doable using botnets. I routinely log attacks/abuse that are clearly coordinated, yet originate from very diverse sources. ---rsk