This document discusses tracking down sources of spoofed IP packets. It begins with an introduction to IP spoofing and denial of service attacks. It then describes existing traceback methods, including proactive techniques like packet marking and messaging. A new approach is presented where a network operator can induce routing changes and measure traffic volumes to correlate networks with spoofed traffic. Operational considerations for deployment are discussed. The conclusion is that the proposed techniques can effectively manipulate routes to track spoofed traffic sources.