[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #VFJ-931752]: Does this affect the LDM at all?

Subject: [LDM #VFJ-931752]: Does this affect the LDM at all?
Date: Mon, 14 Sep 2015 11:08:24 -0600

Gilbert,

Interesting article. Thanks for the reference.

This doesn't affect the LDM. The ability to use the portmapper service to 
amplify DDoS attacks is independent of whether or not an LDM is running. The 
LDM will try to use the portmapper on the remote host, but it uses a TCP 
connection rather than UDP, which was the vulnerability mentioned in the 
article, and then only after trying the well-known LDM port, 388.

> Hi Steve,
> 
> Check this out...
> 
> http://blog.level3.com/security/a-new-ddos-reflection-attack-portmapper-an-early-warning-to-the-industry/
> 
> And let me know what you think. Thanks!
> 
> Gilbert
> 
> *******************************************************************************
> Gilbert Sebenste                                                    ********
> (My opinions only!)                                                  ******
> Staff Meteorologist, Northern Illinois University                      ****
> E-mail: address@hidden                                  ***
> web: http://weather.admin.niu.edu                                      **
> Twitter: http://www.twitter.com/NIU_Weather                            **
> Facebook: http://www.facebook.com/niu.weather                           *
> *******************************************************************************


Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: VFJ-931752
Department: Support LDM
Priority: Normal
Status: Closed

Prev by Date: [LDM #YGE-641148]: PQACT Error
Next by Date: [LDM #BRZ-289323]: Feature request: throttling inbound/outbound traffic
Previous by thread: [LDM #RCA-822786]: Failover doesn't occur when primary feed goes down
Next by thread: [LDM #VFJ-931752]: Does this affect the LDM at all?
Index(es):
- Date
- Thread