|Periodically, IS&T's Security Operations Team will scan MITnet for known bad behaviors that indicate a system compromise. When these behaviors are detected, notices are sent to registered host owners asking them to investigate and address the issue.|
You received this notification because a host registered to you, or in your area of responsibility, was observed participating in a Denial of Service attack against other hosts on MITnet and/or the greater Internet.
A host on MIT's network sending out an exceptionally large volume of traffic using a known-and-frequently-abused UDP service. This behavior, called a UDP amplification attack, is used to overwhelm a victim system.
If you have a locale IT support liaison, we recommend contacting them for support.
If you are the administrator of the host in question, we recommend you:
- disable the service if it's not necessary;
- adjust your firewall configuration so it only serves certain IP ranges;
If you do not have a local IT support liaison, you can contact the IS&T Help Desk.