Submitted via IRC for SoyCow3941
Attackers are experimenting with a new method of avoiding some DDoS mitigation solutions by employing the Universal Plug and Play (UPnP) protocol to mask the source port of network packets sent during the DDoS flood.
In a report published on Monday, DDoS mitigation firm Imperva says it observed at least two DDoS attacks employing this technique.
By masking the origin port of incoming network packets, Imperva says that older DDoS mitigation systems that rely on reading this info to block attacks will need to be updated to more complex solutions that rely on deep packet inspection (DPI), a more costly and slower solution.
Related: New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation
(Score: 0) by Anonymous Coward on Sunday May 20 2018, @07:11PM
do people still have this on?
do firewalls still let this get out?
i guess wizards are just making it work for people. maybe that is why things come with no manuals anymore. your wifi router comes with a foldable prinout of arrows and circles and if you disable upnp you cant get online to find the same thing in pdf form to try to bypass the insecurity and do it correctly.
can we make a new internet. i will try not to let the dumb people in my life on it or let them see it.