New DDoS attacks misuse NetBIOS name server, RPC portmap, and Sentinel licensing servers

October 29, 2015

Akamai has observed three new reflection DDoS attacks in recent months: NetBIOS name server reflection, RPC portmap reflection, and Sentinel reflection.

In a reflection DDoS attack, also called a DrDoS attack, there are three types of participants: the attacker, victim servers that act as unwitting accomplices, and the attacker’s target. The attacker sends a simple query to a service on a victim host. The attacker falsifies (spoofs) the query, so it appears to originate from the target. The victim responds to the spoofed address, sending unwanted network traffic to the attacker’s target.

Read More