Here at Host Virtual, we like to keep abreast of the latest network attack trends and patterns to assist in mitigating attacks on our DDoS Protected Cloud service. However, one recent attack vector being used has caused us to actively start scanning our subnets for hosts on our own network unknowingly participating in such attacks. In this blog post, we’ll go ahead and share what we’ve found.
As you may be aware, DNS amplification attacks have been becoming more and more common, leading to some of the largest Denial of Service attacks ever launched. NTP reflection attacks have also started to become prevalent, and these attacks are something we see more and more of every day.
As good netizens it is our, and your responsibility to ensure that services are secured so they cannot be misused.
To that end, we’ve recently launched a daily process that looks for open DNS resolvers and NTP servers running on any host connected to our network. If detected, you will receive an email with links to two KB articles that provide more information on how to secure the services.
If you receive a notice from us, please review the article and test to ensure the service is closed, and if you need help, simply reply to the notice so that we can assist you keep your server safe from these increasingly popular attacks.
Thanks!
Kris & The Host Virtual, Inc Team