where to go to understand DDoS attack vector

Roland Dobbins rdobbins at arbor.net
Tue Aug 26 13:05:10 UTC 2014

On Aug 26, 2014, at 7:18 PM, Miles Fidelman <mfidelman at meetinghouse.net> wrote:

> Can you say a bit more about what I might look for in trying to track this down?

Fuzz your IPMI boards?


My guess is that this is going to come to light sooner rather than later.  We're getting reports of other DDoS attacks which seem to match this scenario involving IPMI boards.

There's no real reason to try and track it down, from an operational standpoint, is there>  Management-plane things like IMPI boards shouldn't be open to the general Internet; put them behind ACLs and use a VPN.  Problem solved.

Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

                   Equo ne credite, Teucri.

    		   	  -- Laoco├Ân

More information about the NANOG mailing list