I'm talking about the case where an attacker spoof's his source IP. Lots of networks don't do egress filtering and allow subscribers to send gigabits per second of data with bogus source IPs.