[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #VFJ-931752]: Does this affect the LDM at all?



Gilbert,

Interesting article. Thanks for the reference.

This doesn't affect the LDM. The ability to use the portmapper service to 
amplify DDoS attacks is independent of whether or not an LDM is running. The 
LDM will try to use the portmapper on the remote host, but it uses a TCP 
connection rather than UDP, which was the vulnerability mentioned in the 
article, and then only after trying the well-known LDM port, 388.

> Hi Steve,
> 
> Check this out...
> 
> http://blog.level3.com/security/a-new-ddos-reflection-attack-portmapper-an-early-warning-to-the-industry/
> 
> And let me know what you think. Thanks!
> 
> Gilbert
> 
> *******************************************************************************
> Gilbert Sebenste                                                    ********
> (My opinions only!)                                                  ******
> Staff Meteorologist, Northern Illinois University                      ****
> E-mail: address@hidden                                  ***
> web: http://weather.admin.niu.edu                                      **
> Twitter: http://www.twitter.com/NIU_Weather                            **
> Facebook: http://www.facebook.com/niu.weather                           *
> *******************************************************************************


Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: VFJ-931752
Department: Support LDM
Priority: Normal
Status: Closed


NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.