Largest ever 400Gbps Distributed Denial of Service NTP amplification attack hits the European servers of anti-DDoS protection firm Cloudflare.
“Very big NTP reflection attack hitting us right now. Appears to be bigger than the #Spamhaus attack from last year. Mitigating,” “Someone’s got a big, new cannon. Start of ugly things to come,” Cloudflare CEO Matthew Prince said in a tweet.
Attackers exploited weaknesses in the Network Time Protocol (NTP), a networking protocol widely used for clock synchronization between systems over packet-switched, variable-latency data networks.
“NTP might become a vector for DDoS attacks because, like DNS, it is a simple UDP-based protocol that can be persuaded to return a large reply to a small request. Unfortunately, that prediction has come true,” reported the official post.
Recently, US-CERT issued an Alert (TA14-017A) on UDP-based Amplification Attacks, listing the UDP protocols identified as potential attack vectors for this category of Distributed Denial of Service attack:
- DNS
- NTP
- SNMPv2
- NetBIOS
- SSDP
- CharGEN
- QOTD
- BitTorrent
- Kad
- Quake Network Protocol
- Steam Protocol
The Network Time Protocol vulnerability has already been assigned the identifier CVE-2013-5211; the attackers exploit the monlist command to carry out the attacks.
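One way for an administrator to check whether an ntpd configuration still answers monlist queries, as an added example that is not part of the original article. It assumes the mitigation is ntpd's own `disable monitor` and `restrict ... noquery` directives (not named in the article); the function name and the sample configurations are constructed for illustration.

```python
# Added example: audit ntp.conf text for exposure to monlist (CVE-2013-5211).
# Assumption: mitigation is ntpd's 'disable monitor' or 'restrict ... noquery'.

def audit_ntp_conf(text):
    """Return (exposed, findings) for the contents of one ntp.conf."""
    monitor_on = True      # assumed default on affected ntpd builds
    limited_used = False   # a 'limited' restriction keeps monitoring active
    default_rules = []     # flag set of every 'restrict default' line
    for raw in text.splitlines():
        tokens = raw.split("#", 1)[0].lower().split()
        if not tokens:
            continue
        keyword, args = tokens[0], tokens[1:]
        if keyword in ("disable", "enable") and "monitor" in args:
            monitor_on = keyword == "enable"
        elif keyword == "restrict":
            args = [a for a in args if a not in ("-4", "-6")]
            if not args:
                continue
            flags = set(args[1:])
            limited_used = limited_used or "limited" in flags
            if args[0] == "default":
                default_rules.append(flags)
    findings = []
    if monitor_on:
        findings.append("monitor facility enabled (no 'disable monitor')")
    elif limited_used:
        findings.append("'disable monitor' is overridden by a 'limited' rule")
    if not default_rules:
        findings.append("no 'restrict default' line, so queries are unrestricted")
    blocked = bool(default_rules) and all(
        f & {"noquery", "ignore"} for f in default_rules)
    if default_rules and not blocked:
        findings.append("a 'restrict default' line lacks 'noquery'")
    monitor_off = not monitor_on and not limited_used
    return (not (monitor_off or blocked), findings)

# Constructed sample configurations (not taken from any real host).
WEAK = "driftfile /var/lib/ntp/drift\nrestrict 127.0.0.1\n"
HARDENED = ("disable monitor\n"
            "restrict default kod nomodify notrap nopeer noquery\n"
            "restrict -6 default kod nomodify notrap nopeer noquery\n")
LIMITED = "disable monitor\nrestrict default limited kod nomodify\n"

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED), ("limited", LIMITED)):
        print(name, audit_ntp_conf(conf))
```

The `LIMITED` sample covers the edge case where `disable monitor` is present but a `limited` restriction keeps the monitoring facility running, so only `noquery` on the default rules would block the query.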
(Security Affairs – Distributed Denial of Service, cybercrime, NTP attack)