One IP address is much the same as another - right? There's
hardly a difference between 192.0.2.45 and 192.0.2.46 is there?
They are just encoded integer values, and aside from
numerological considerations, one address value is as good or bad
as any other - right? So IP addresses are much the same as each
other, and an after-market in IP addresses should be like many
other markets in undistinguished commodity goods. Right? Wrong!
One of the most prominent denial of service attacks in recent
months was one that occurred in March 2013, launched against
Spamhaus and Cloudflare. With a peak volume of
attack traffic of some 120Gbps, it was a very significant attack.
How did the attackers generate such massive volumes of attack
traffic? The answer lies in the Domain Name System (DNS). The
attackers asked about domain names, and the DNS system answered.
Something we all do all of the time on the Internet. So how can a
conventional activity of translating a domain name into an IP
address be turned into a massive attack?
Potaroo blog