1 Jun
2016
1 Jun
'16
9:54 p.m.
Thanks for the heads up on this!
---
Pardon my brevity, I'm on a Samsung Galaxy smartphone.
---
Sent via axMail-Fax by N1URO.
On June 1, 2016 9:57:38 PM Brian Kantor <Brian(a)UCSD.Edu> wrote:
(Please trim inclusions from previous messages)
_______________________________________________
Folks, I have begun blocking the portmapper port (UDP 111) at the UCSD
amprgw gateway. This is to mitigate a new DDOS exploit that is taking
place on the Internet.
This would prevent the use of various RPC services across the
amprgw gateway, but I don't think anyone is currently using NFS,
NIS, or the like in that context. The performance would be very
poor in any case.
You might consider blocking this port in your firewalls.
I recommend that everyone running their own BGP'd subnet insert a
blocking filter rule for this port as well.
More information:
http://blog.level3.com/security/a-new-ddos-reflection-attack-portmapper-an-…
Thanks.
- Brian
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net