Easy-to-Use NTP Amplification Emerges as Common DDoS Attack Vector

Found on eWEEK on Sunday, 20 April 2014

The two most popular types of reflection attacks, which bounce network traffic off intermediate servers on the Internet, have shot up in popularity, accounting for 23 percent of all infrastructure attacks in the 2014 first quarter, Akamai stated in its Prolexic Quarterly Global DDoS Attack Report.

The largest attack seen by Akamai targeted a European entertainment firm, and exceeded 200G bps at its peak, the firm said. The attack lasted more than 10 hours, and amplified the attack volume through vulnerable servers using a combination of NTP and the Domain Name System (DNS) reflection.

To be fair, NTP and DNS both were developed long before there was any reason to think about abuse. Or better: the network was so small back then that it was easy to find out who is the abuser.

Browse all articles« Previous « » Next »