Stories
Slash Boxes
Comments

SoylentNews is people

DDoS Attacks Leverage UPnP Protocol to Avoid Mitigation

posted by Fnord666 on Saturday May 19 2018, @10:51PM   Printer-friendly
from the all-your-ports-are-belong-to-us dept.
Security

MrPlow writes:

Submitted via IRC for SoyCow3941

Attackers are experimenting with a new method of avoiding some DDoS mitigation solutions by employing the Universal Plug and Play (UPnP) protocol to mask the source port of network packets sent during the DDoS flood.

In a report published on Monday, DDoS mitigation firm Imperva says it observed at least two DDoS attacks employing this technique.

By masking the origin port of incoming network packets, Imperva says that older DDoS mitigation systems that rely on reading this info to block attacks will need to be updated to more complex solutions that rely on deep packet inspection (DPI), a more costly and slower solution.

Source: https://www.bleepingcomputer.com/news/security/ddos-attacks-leverage-upnp-protocol-to-avoid-mitigation/

Related: New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation

Original Submission

This discussion has been archived. No new comments can be posted.
DDoS Attacks Leverage UPnP Protocol to Avoid Mitigation | Log In/Create an Account | Top | 3 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)

  • (Score: -1, Troll) by Anonymous Coward on Saturday May 19 2018, @11:27PM

    by Anonymous Coward on Saturday May 19 2018, @11:27PM (#681703)

    Trembling, the little boy peeked out of the crack between the two cupboard doors. Nothing. Nothing was there. Then, seconds later, he appeared; it was that man again.

    The man's appearance was truly terrifying; skinny, haggard, balding, and deformed. The mere sight of the man caused the boy to shake uncontrollably. Soon, the man started walked and seemed to be leaving the kitchen, which filled the boy with relief. 'Maybe he'll leave this time,' the child thought to himself.

    Suddenly, and without any warning, the man looked directly at the child peeking out of the crack under the kitchen sink. "Hrm!" the man screeched, as he rapidly tippy-toed towards the boy. The monstrous man slowly reached his hands towards the cupboard doors to open them, and...

    "Yummy!" Tillerson exclaimed; he had feasted on what was inside this house, leaving nothing behind. The man recalled the morsels he found in this little treasure trove; two little boys, a little girl, and their mommy. As he thought about the delicacies he had devoured and utilized, the man could not help but smile. Still, this place was now the epitome of silence, so it was time for Tillerson to leave. The man waved goodbye to the now-empty house and departed.

    Utilized and silent, the four corpses in the home slowly decayed and filled the air with a rotten stench...

  • (Score: 1, Insightful) by Anonymous Coward on Sunday May 20 2018, @04:19AM (1 child)

    by Anonymous Coward on Sunday May 20 2018, @04:19AM (#681772)

    ... to not have UPnP enabled... at ALL. We've been far overdue for a more secure replacement anyway.

    • (Score: 0) by Anonymous Coward on Sunday May 20 2018, @07:11PM

      by Anonymous Coward on Sunday May 20 2018, @07:11PM (#681928)

      do people still have this on?

      do firewalls still let this get out?

      i guess wizards are just making it work for people. maybe that is why things come with no manuals anymore. your wifi router comes with a foldable prinout of arrows and circles and if you disable upnp you cant get online to find the same thing in pdf form to try to bypass the insecurity and do it correctly.

      can we make a new internet. i will try not to let the dumb people in my life on it or let them see it.

(1)