Security Flaw in Dirt Jumper Family of DDoS Toolkits Exposes Attacker’s Own Database
Plus, PLXsert’s mitigation rules you can use to neutralize Pandora DDoS attacks
Dirt Jumper, Pandora and Di BoTNet have same weakness
The Prolexic Security Engineering & Response Team (PLXsert) Dirt Jumper DDoS Toolkit vulnerability report exposes crucial weaknesses in DDoS attackers’ own tools. These flaws could be exploited to neutralize attacks from any of the popular Dirt Jumper family of tools, including Dirt Jumper v.3, Pandora and Di BoTNet denial of service attacks.
Armed with the address of the C&C (C2) server or an infected host, and an open source database tool, the attacker’s configuration file can be exposed to shut these botnets down.
Register to access the PLXsert’s Dirt Jumper Vulnerability Disclosure Report >>>
DDoS mitigation rules neutralize Pandora attacks
The latest member of the Russian-origin Dirt Jumper DDoS toolkit, named Pandora, offers five denial of service attack modes.
This PLXsert threat advisory describes the Pandora toolkit’s five types of denial of service attack and presents rules to defend against and mitigate the Pandora attacks– so you can block this DDoS threat.
Register to access the Pandora DDoS threat advisory >>>
Prolexic used these rules to restore service to Krebs on Security, a popular blog about cyber threats and their perpetrators. Krebsonsecurity.com was under attack with a Pandora botnet, using a Max Flood attack issuing POST requests against a server that were more than 1 million bytes in length.
Register to access the Krebs on Security DDoS mitigation report >>>
Want DDoS information as it becomes available?
Register and subscribe today! It’s free. Subscribers receive complimentary copies of Prolexic quarterly DDoS attack reports, DDoS threat advisories and DDoS Dispatch newsletter.