@briankrebs I thought that DDOS protection shuts down or rate-limits connection attempts after detecting a high volume, right? Does that detection just not work if they requestor also sends cancellation messages?

In other words, after the first 10 or 100 are sent and cancelled, why would the server not just reject any connection attempt from that host?