Author: Roland Dobbins

Roland Dobbins is a Principal Engineer on Arbor’s ASERT Team. He has nearly 30 years of operational experience in the service provider (SP) and large enterprise arenas, designing, deploying, operating, securing, maintaining, troubleshooting and defending many of the highest-visibility networks in the world. He is a recognized industry leader in the fields of operational security (opsec) and network telemetry, and has an extensive background in security product/feature innovation, devising operational security requirements for network infrastructure devices and protocol design. His focus is on extending the availability, scalability and security of the network infrastructure and the applications/services it enables, with an emphasis on flexible and resilient global service delivery capabilities.

The Importance of Being Accurate: SSDP Diffraction Attacks, UDP Refraction Attacks, and UPnP NAT Bypass

Roland Dobbins on May 22, 2018.

Written by Roland Dobbins, ASERT Principal Engineer & Matt Bing, ASERT Security Analyst.

In this article:

SSDP Diffraction Attacks aren’t new; they’ve been observed in the wild since 2015.
‘Evasive Amplification’ attacks, aren’t.
UPnP NAT Bypass is real.

Roland Dobbins on February 27, 2018.

ASERT Threat Summary: memcached Reflection/Amplification Description and DDoS Attack Mitigation Recommendations Date/Time: 27022018 2325UTC Title/Number: memcached Reflection/Amplification Description and DDoS Attack Mitigation Recommendations – February 2018 – v1.4. Severity: Critical Distribution: TLP WHITE (see <https://www.us-cert.gov/tlp>) Categories: Availability Authors: Roland Dobbins & Steinthor Bjarnason Contributors: Keshav […]

Roland Dobbins on August 31, 2017.

Over the course of the last few weeks, a botnet comprised mainly of Android mobile devices has been utilized to launch a high-impact DDoS extortion campaign against multiple organizations in the travel and hospitality sector. This botnet, dubbed ‘WireX’, is only the second mobile botnet […]

Roland Dobbins on October 26, 2016.

Authors: Roland Dobbins & Steinthor Bjarnason Since its inception in August of 2016, the Mirai ‘Internet-of-Things’ (IoT) botnet, comprised largely of internet-enabled digital video recorders (DVRs), surveillance cameras, and other Internet-enabled embedded devices, has been utilized by attackers to launch multiple high-profile, high-impact DDoS attacks against various Internet properties and […]

Roland Dobbins on May 12, 2015.

One of the truisms of comic books and graphic novels is that nothing is immutable – both heroes and villains are rebooted, retconned, featured as radically (or subtly) different versions in alternate timelines, etc. The Marvel Cinematic Universe, which so far includes the Captain America, […]

Asert

Arbor’s Security Engineering & Response Team (ASERT) delivers world-class network security research and analysis for the benefit of today’s enterprise and network operators. ASERT engineers and researchers are part of an elite group of institutions that are referred to as ‘super remediators’ and represent the best in information security. ASERT has both visibility and remediation capabilities at nearly every tier one operator and a majority of service provider networks globally.

ASERT shares operationally viable intelligence with hundreds of international Computer Emergency Response Teams (CERTs) and with thousands of network operators via in-band security content feeds. ASERT also operates the world’s largest distributed honeynet, actively monitoring Internet threats around the clock and around the globe.

Arbor Networks has collaborated with Jigsaw (formerly Google Ideas) to create a data visualization that shows how Distributed Denial of Service (DDoS) attacks have become a global problem. The data is updated daily from Arbor’s global network of sensors and can be viewed at www.digitalattackmap.com

Author: Roland Dobbins

The Importance of Being Accurate: SSDP Diffraction Attacks, UDP Refraction Attacks, and UPnP NAT Bypass

memcached Reflection/Amplification Description and DDoS Attack Mitigation Recommendations

Down to the WireX

Mirai IoT Botnet Description and DDoS Attack Mitigation

How to Become an Internet Supervillain in Three Easy Steps