Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
mastodon.me.uk is one of the many independent Mastodon servers you can use to participate in the fediverse.
Open, user-supported, corporation-free social media for the UK.

Administered by:

Server stats:

517
active users

mastodon.me.uk: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

Adrian McEwen

Hmm. Spent a chunk of today working out that a client's CoAP server was being used as an amplification service as part of a DDoS network 😞

The server wasn't (AFAICT) compromised, just being used to turn ~60 byte attack packets into ~540 byte attack packets, as well as presumably spreading out the attacking traffic's route through the Internet.

ietf.org/archive/id/draft-matt goes into more depth, if anyone wants further background.

www.ietf.orgAmplification Attacks Using the Constrained Application Protocol (CoAP) Protecting Internet of Things (IoT) devices against attacks is not enough. IoT deployments need to make sure that they are not used for Distributed Denial-of-Service (DDoS) attacks. DDoS attacks are typically done with compromised devices or with amplification attacks using a spoofed source address. This document gives examples of different theoretical amplification attacks using the Constrained Application Protocol (CoAP). The goal with this document is to raise awareness and to motivate generic and protocol-specific recommendations on the usage of CoAP. Some of the discussed attacks can be mitigated by not using NoSec or by using the Echo option.
#CoAP#security#DDoS
Jul 02, 2024, 01:49 PM·Public·Web
1boost·2favorites
ExploreLive feeds
About