Information Security News mailing list archives

Portmapper abused to summon huge DDoS attacks - what does it all mean?


From: InfoSec News <alerts () infosecnews org>
Date: Thu, 20 Aug 2015 08:54:20 +0000 (UTC)

http://www.techworld.com/news/security/portmapper-abused-summon-huge-ddos-attacks-what-does-it-all-mean-3623349/

By John E Dunn
techworld.com
Aug 19, 2015

In 2012 cybercriminals figured out how to abuse DNS to generate vast DDoS 'reflection' attacks, which can be thought of as a way of creating a lot of traffic for very little input. By 2013, they’d moved on to Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), followed by Simple Service Discovery Protocol (SSDP) not long after.

Spot a pattern here? The DDoS attacks welling up on the back of lazy server misconfigurations running these services were sometimes spectacular, certainly worrying. Admins rushed to fix the vulnerabilities, but every time they did, the cybercriminals moved on to a new protocol or service, and so the pattern repeated itself.

DDoS mitigation firms now regularly warn about any number of common but little-considered protocols, and so it has come to pass that another obscure service, Portmapper, has now joined the list of the abused.

[...]

