On 24 Dec 2015, at 10:30, Andrew Boling wrote: > Another one is customer owned open resolvers. Those are reflectors. I meant the actual *sources* of spoofed packets - e.g., initiators. Sorry for being unclear! ----------------------------------- Roland Dobbins <rdobbins at arbor.net>