[Operators] STUN/TURN servers are being abused in DDoS attacks (even with auth enabled)

Georg Lukas georg at op-co.de
Wed Apr 28 18:44:16 UTC 2021


* Philipp Hancke <fippo at goodadvice.pages.de> [2021-04-28 20:26]:
> which from what I can see is less than two and can be brought closer to 1
> with minimal tuning.

this is a question that you should ask to the attackers who are using
our STUN servers as an attack vector ;-)

Honestly though, everything that is more than 1 is apparently a win for
them, and gives them a free extra of re-routing their DDoS traffic to
make finding the source even more complicated.


Georg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/operators/attachments/20210428/8e2d10f1/attachment.sig>


More information about the Operators mailing list