[ISN] Portmapper abused to summon huge DDoS attacks – what does it all mean?

http://www.techworld.com/news/security/portmapper-abused-summon-huge-ddos-attacks-what-does-it-all-mean-3623349/ By John E Dunn techworld.com Aug 19, 2015 In 2012 cybercriminals figured out how to abuse DNS to generate vast DDoS ‘reflection’ attacks, which can be thought of as a way of creating a lot of traffic for very little input. By 2013, they’d moved on to Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), followed by Simple Service Discovery Protocol (SSDP) not long after. Spot a pattern here? The DDoS attacks welling up on the back of lazy server misconfigurations running these services were sometimes spectacular, certainly worrying. Admins rushed to fix the vulnerabilities but every time they did the cybercriminals moved on to a new protocol or service and so the pattern repeated itself. DDoS mitigation firms now regularly warn about any number of common but little considered protocols and so it has come to pass that another obscure service, Portmapper, has now joined the list of the abused. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail