During post-incident analysis of the massive 2016 DDoS against DNS provider Dyn, investigators noted that tightening BCP 38 source-address validation on upstream routers did not appreciably reduce the attack traffic. Which characteristic of the Mirai botnet's traffic most directly explains why this countermeasure was ineffective?
The bots sent high-rate traffic from their real, routable IP addresses rather than using forged source addresses.
The attack depended on DNS amplification that masked the true origin of packets with spoofed victim IPs.
Most packets were deliberately fragmented, allowing them to slip past access-control lists on the provider edge.
Mirai encapsulated its floods in IPv6-over-IPv4 tunnels, preventing IPv4 ingress filters from seeing the original headers.
BCP 38 ingress filtering is designed to drop packets that carry spoofed source IP addresses. The Mirai botnet that overwhelmed Dyn in October 2016 did not rely on spoofing or reflection; each compromised IoT device sent large volumes of direct TCP and UDP packets using its own legitimate public IP address. Because the sources were not forged, BCP 38 had nothing to filter, so the measure provided little relief. Options mentioning spoofed reflection, IPv6 tunneling, or deliberate fragmentation do not match the documented behavior of the Mirai attack.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the Mirai botnet and how did it work during the Dyn DDoS attack?
Open an interactive chat with Bash
What is BCP 38 and how does it help prevent spoofed attacks?
Open an interactive chat with Bash
How do IoT devices contribute to vulnerabilities in DDoS attacks?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Network and Perimeter Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .