Articles > Information Security
Printer Friendly Version
Views: 3156

UDP Amplification Attacks, More than just DNS

Last Updated: 8/27/15

More than just DNS is vulnerable to UDP amplification attacks! Beware the DRDoS!!

A Distributed Reflective Denial of Service (DRDoS) attack is a form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible UDP servers, as well as bandwidth amplification factors, to overwhelm a victim system with UDP traffic.

Certain UDP protocols have been identified as potential attack vectors:

  • DNS
  • NTP
  • SNMPv2
  • NetBIOS
  • SSDP
  • CharGEN
  • QOTD
  • BitTorrent
  • Kad
  • Quake Network Protocol
  • Steam Protocol
  • RIPv1
  • Multicast DNS (mDNS)
  • Portmap

 

Source:
UDP-Based Amplification Attacks | US-CERT
https://www.us-cert.gov/ncas/alerts/TA14-017A





Keywords: none