New method that amplifies DDoSes by 4 billion-fold. What could go wrong?

by Dan Goodin, from Ars Technica

Cybercriminals who use giant floods of data to knock sites offline are leveraging a never-before-seen method that has the potential to increase the damaging effects of those floods by an unprecedented 4 billion times, researchers warned on Tuesday.

Like many other types of distributed denial-of-service attacks, the attacks send a modest amount of junk data to a misconfigured third-party service in a way that causes the service to redirect a much larger response at the intended target. So-called DDoS amplification attacks are popular because they lower the requirements needed to overwhelm their targets. Rather than having to marshal huge amounts of bandwidth and computing power, the DDoSer locates servers on the Internet that will do it for them.

It's all about amplification

One of the oldest amplification vectors is misconfigured DNS servers, which increase DDoS volumes by about 54 times. Newer amplification routes have included Network Time Protocol servers (about 556x), Plex media servers (about 5x), Microsoft RDP (86x), and the Connectionless Lightweight Directory Access Protocol (at least 50x). Just last week, researchers described a new amplification vector that achieves a factor of at least 65.
