Re: OK, so the dystopian-but-realistic solution is...
A DDoS target notifies their ISP, who analyzes the attack pattern, then starts back-tracing the source addresses of incoming attack packets
That's fine for TCP connections (not SYN floods[1]), but useless against UDP attacks such as DNS or NTP amplification attacks.
Vic.
[1] Yes, there are ways of mitigating SYN flood attacks.
Biting the hand that feeds IT
