Meet the Windows servers that have been fueling massive DDoSes for months

Sun, 27 Nov 2022 03:57:10 +1100

Andrew Pam <xanni [at] glasswings.com.au>

Andrew Pam
<https://arstechnica.com/information-technology/2022/10/researchers-id-12k-microsoft-servers-that-are-a-ddosers-best-friend/>

"A small retail business in North Africa, a North American telecommunications
provider, and two separate religious organizations: What do they have in
common? They’re all running poorly configured Microsoft servers that for months
or years have been spraying the Internet with gigabytes-per-second of junk data
in distributed-denial-of-service attacks designed to disrupt or completely take
down websites and services.

In all, recently published research from Black Lotus Labs, the research arm of
networking and application technology company Lumen, identified more than
12,000 servers—all running Microsoft domain controllers hosting the company’s
Active Directory services—that were regularly used to magnify the size of
distributed-denial-of-service attacks, or DDoSes."

Via Wayne Radinsky.

Cheers,
       *** Xanni ***
--
mailto:xanni@xanadu.net               Andrew Pam
http://xanadu.com.au/                 Chief Scientist, Xanadu
https://glasswings.com.au/            Partner, Glass Wings
https://sericyb.com.au/               Manager, Serious Cybernetics

Comment via email

Home E-Mail Sponsors Index Search About Us