Hmm. Spent a chunk of today working out that a client's CoAP server was being used as an amplification service as part of a DDoS network 😞

The server wasn't (AFAICT) compromised, just being used to turn ~60 byte attack packets into ~540 byte attack packets, as well as presumably spreading out the attacking traffic's route through the Internet. goes into more depth, if anyone wants further background.

· · Web · 1 · 1 · 2