http://www.techworld.com/news/security/portmapper-abused-summon-huge-ddos-attacks-what-does-it-all-mean-3623349/
By John E Dunn
techworld.com
Aug 19, 2015
In 2012 cybercriminals figured out how to abuse DNS to generate vast DDoS
'reflection' attacks, which can be thought of as a way of creating a lot
of traffic for very little input. By 2013, they’d moved on to Network Time
Protocol (NTP), Simple Network Management Protocol (SNMP), followed by
Simple Service Discovery Protocol (SSDP) not long after.
Spot a pattern here? The DDoS attacks welling up on the back of lazy
server misconfigurations running these services were sometimes
spectacular, certainly worrying. Admins rushed to fix the vulnerabilities
but every time they did the cybercriminals moved on to a new protocol or
service and so the pattern repeated itself.
DDoS mitigation firms now regularly warn about any number of common but
little considered protocols and so it has come to pass that another
obscure service, Portmapper, has now joined the list of the abused.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
