> The issue is that the CPU spikes to ~90% utilization for the server
> during the attack, for as long as the attack lasts.  So the theory is
> that Python isn't throttling or processing the malformed packets
> properly.  Copying Renier for any additional info.

I don't know who Renier is, but Python is a programming language and
doesn't integrate a "throttling" facility or ad-hoc protection against
network attacks. Other programming languages will show exactly the same
behaviour. The socket module gives access to the system's low-level
socket operations, it is not a high-level network programming framework.

Besides, truly malformed packets will never get processed by Python,
they will be blocked by the kernel (e.g. because of a checksum failure).