Susceptibility to be used in reflection DDoS attacks


#1

Recently, Brian Krebs’s website (http://krebsonsecurity.com/) was hit by a DDoS attack of over 600 Gigabits of traffic per second. At first maybe by DNS reflection attack, where routers & other systems providing local DNS services are tricked into providing DNS responses to the target’s spoofed IP address on the WAN side. I always assumed that routers didn’t provide DNS services to the WAN side, but it sounds like some do(?) (See the Krebs link above’s September 21 2016 blog post.) From the blog post, it looks instead like it was a different type of attack.

But the reflection attack business prompts me to ask this dumb question: Can Pepwave routers get used in such a reflection attack by some miscreants? If so, is there a way to prevent it?


#2

Hi MJburns,

Too ealier to discuss on this as all the involve parties still investigating source of the attacks and type of the attack. Even the website (http://krebsonsecurity.com/) up to now still down. Big player like Akamai also has no comment regarding to this and the solution involved

For more information, please refer to the URL below:
http://www.securityweek.com/brian-krebs-blog-hit-665-gbps-ddos-attack?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+(SecurityWeek+RSS+Feed)

Definitely this is not just a prevention from a single product vendor & it’s more on the overall cyber-security rules that need to enforce. There are plenty of DDoS mitigation firm in the market and they still doubt to give any comment regarding to the prevention methods.

The attack on KrebsOnSecurity also differed in that it seemed to instead use a very large botnet of hacked devices.
http://www.dos-mitigation.com/renowned-blog-krebsonsecurity-hit-with-massive-ddos-attack/

Let’s see what the latest update from all the involved parties and we can discuss further for the :wink: dumb question.

Thank You