I have used tn several routers for many year, and never have had any problem. Yes you can spoofe and IP, and yes you can do DDoS.
Best ting to do is to not have internett at all 
PS original Idea are not mine, just added more stuff to it like the tarpit, logging etc.
\
Use Splunk> to log/monitor your MikroTik Router(s). See link below. 