DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 12th March 2014
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,158
Thanked 182 Times in 149 Posts
Default Attackers trick 162,000 WordPress sites into launching DDoS attack

From http://arstechnica.com/security/2014...l-ddos-attack/

Quote:
Security researchers have uncovered a recent distributed denial-of-service (DDoS) attack that used at least 162,000 WordPress-powered websites to knock another site offline.

The technique made it possible for an attacker with modest resources to greatly amplify the bandwidth at its disposal. By sending spoofed Web requests in a way that made them appear to come from the target site, the attacker was able to trick the WordPress servers into bombarding the target with more traffic than it could handle. Besides causing such a large number of unsuspecting sites to attack another one, the attack is notable for targeting XML-RPC, a protocol the sites running WordPress and other Web applications use to provide services such as pingbacks, trackbacks, and remote access to some users.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Europe shrugs off largest DDoS attack yet, traffic tops 400Gbps J65nko News 0 12th February 2014 01:26 AM
Large-scale DNS DDoS attack on Spamhaus J65nko News 1 28th March 2013 10:54 PM
Thousands of WordPress sites commandeered by Black Hole J65nko News 0 3rd November 2011 07:49 PM
Java vulnerability - when lyric sites attack J65nko News 0 15th April 2010 07:49 PM
supress UDP ddos attack chris FreeBSD Security 4 9th July 2008 02:46 PM


All times are GMT. The time now is 12:32 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick