What are TCP reflection attacks?
Reflection attacks involve the attacker sending forged packets with spoofed source IP addresses to a reflector service.
Then vs Now
One of the earliest reflection attacks was authored in the early 90s, called a Smurf Attack.
Mitigating TCP reflection attacks
Defending against TCP reflection attacks is quite a challenge. Although you can block the attacker’s IP address, it isn’t very effective because the attacker spoofs legitimate addresses.
Expert opinion“We expect this attack vector to be included in the DDoS landscape going forward. Expect to see TCP amplification used in parallel with UDP amplification as part of a multi-vector campaign designed to defeat mitigation defenses,” say security experts.