The Botan DTLS server in versions 2.9.0 and 2.8.0 (and probably earlier ones) can be used as a network amplifier for Distributed Denial of Service attacks with a spoofed source IP address.
After receiving a DTLS v1.2 Client Hello message (197 bytes long), the Botan DTLS server responds with 6 DTLS v1.2 packets:
- DTLS Alert (warning, unrecognized_name) - 15 bytes,
- Server Hello - 110 bytes,
- Certificate - 1022 bytes,
- Server Key Exchange - 1085 bytes,
- Server Key Exchange - 1083 bytes,
- Server Hello Done - 25 bytes.
Together all response packets total 3340 bytes, which gives a 1595% amplification factor (calculated as output/input - 1).
The server responds to the IP address from the first packet without requiring any prior reply from the client, so this request can be used for Distributed Denial of Service.
If the destination (spoofed) client answers the responses with ICMP Host Unreachable, a different set of packets is sent:
- DTLS Alert (warning, unrecognized_name) - 15 bytes,
- Server Hello - 110 bytes,
- Certificate - 1022 bytes,
- DTLS Alert (fatal, internal_error) - 15 bytes.
Together all response packets total 1162 bytes, which gives a 490% amplification factor, which is still enough to perform DDoS attacks.
A script that can be used to reproduce this issue was delivered to Jack Lloyd via encrypted email.