[Atlas-anchors-pilot] iDRAC cards are potential DDoS amplifiers

[Tore Anderson]

Hi,

Following the recent attacks on Spamhaus, our security guys did some
scanning of our address space to look for potential DDoS amplifiers in
our network. One of the things they found was the iDRAC port of
no-osl-as39029, which happily responds to any SNMP v1/v2c queries using
the "public" community.

I don't see any evidence of it having been abused for DDoS purposes in
my bandwidth graphs to date, but still, this should be closed down. That
probably goes for all the anchor boxes, not just ours.

-- 
Tore Anderson
Redpill Linpro AS - http://www.redpill-linpro.com/