[nsp-sec] DNS and SNMP Reflection Attack Hosts
Tom Paseka
tom at cloudflare.com
Mon Jun 24 12:44:21 EDT 2013
Joel,
On Mon, Jun 24, 2013 at 9:39 AM, Joel L. Rosenblatt <joel at columbia.edu>wrote:
> ----------- nsp-security Confidential --------
>
>
> Now, my question is - are these machines compromised or are they just
> acting as designed
>
>
With SNMP reflection - they're acting as designed. Someone is spoofing an
IP address - then doing a SNMP get against the printers.
You should lock down SNMP access to them.
Cheers,
Tom
More information about the nsp-security
mailing list