Denial Of Service (Or DDoS) attacks have become more and more frequent in recent years with the expansion of the internet and the speeds it can deliver information. A denial of service attack is pretty simple, you find the device you wish to disrupt and send as much data as you can to it, this means that the device quickly becomes overwhelmed and unresponsive, this can be anything from your home router to a world championship tournament.
Level 3 Communications is an American telecommunications and internet service provider company and is considered one of the main bodies for internet within the US. Their chief security officer, Dale Drew, has warned that people may have figured out how to abuse Portmap services to conduct a new form of DDoS attack, one which could have the “potential to be very, very bad”.
Portmap is an open source utility used on both Unix and windows systems, meaning that all operating systems will potentially be open to this new kind of attack. Portmap works by mapping a location and port number to essentially bind and access anything from a networked hard drive to accessing your computer from work over the internet. Either way when someone says that these ports are often left open, you can understand why being able to send lots of unwanted information to a home system could become a problem.
When ports are queried they tend to respond with lots of information about the system or just why it’s saying “NO!”. The problem you often have though is that when you get a response, groups are able to redirect this information to other networks, causing the DDoS attack, all the while the information is coming from your average family router at home.
This particular type of attack is aptly called a DDoS amplification attack, as you can probably tell, it will often result in a lot of people being affected, normally by abusing systems which a lot of people don’t realise are doing anything bad.
Level 3 has contacted ISP’s and forwarded details of those running open Portmap servers, hoping that this way they can quickly resolve the issue before it’s abused too much.
Thank you PC World for the information.
Image courtesy of West End Solutions.