> > > > It's a DDoS, not a DoS. The attack is executed by 'zombies', which are infected PCs from 'normal' people that are usually unaware of the trojan on their PC. So you wouldn't see the IPA of the real attacker anyway.

> > > Understand the difference. What I meant was it would be silly of the attacker to use his 'zombies' without spoofing their IPA, he wants to keep them, not have them discovered.

> > Well, that depends. If he can't attack with them, they're kinda useless.

> Very useless, no point in having them. So having them operate with their real IPA is not something the attacker would want to do, so he spoofs their IPA but if egress filtering was applied by the ISPs spoofing would not work. (at least not to the degree it does at the moment)

I think you got what Olaf said wrong...
Not gonna bother explaining that though...

Anyway, the solution woulden't be having ISP's filter and such but what Microsoft is planning on doing:
Making the next operation system with an anti virus plugged in!