[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #VFJ-931752]: Does this affect the LDM at all?

This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.

Subject: [LDM #VFJ-931752]: Does this affect the LDM at all?
Date: Mon, 14 Sep 2015 11:08:24 -0600

Gilbert,

Interesting article. Thanks for the reference.

This doesn't affect the LDM. The ability to use the portmapper service to 
amplify DDoS attacks is independent of whether or not an LDM is running. The 
LDM will try to use the portmapper on the remote host, but it uses a TCP 
connection rather than UDP, which was the vulnerability mentioned in the 
article, and then only after trying the well-known LDM port, 388.

> Hi Steve,
> 
> Check this out...
> 
> http://blog.level3.com/security/a-new-ddos-reflection-attack-portmapper-an-early-warning-to-the-industry/
> 
> And let me know what you think. Thanks!
> 
> Gilbert
> 
> *******************************************************************************
> Gilbert Sebenste                                                    ********
> (My opinions only!)                                                  ******
> Staff Meteorologist, Northern Illinois University                      ****
> E-mail: address@hidden                                  ***
> web: http://weather.admin.niu.edu                                      **
> Twitter: http://www.twitter.com/NIU_Weather                            **
> Facebook: http://www.facebook.com/niu.weather                           *
> *******************************************************************************


Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: VFJ-931752
Department: Support LDM
Priority: Normal
Status: Closed

Prev by Date: [LDM #YGE-641148]: PQACT Error
Next by Date: [LDM #BRZ-289323]: Feature request: throttling inbound/outbound traffic
Previous by thread: [LDM #RCA-822786]: Failover doesn't occur when primary feed goes down
Next by thread: [LDM #VFJ-931752]: Does this affect the LDM at all?
Index(es):
- Date
- Thread