Attackers have figured out how to use Portmapper, or RPC Portmapper, in reflection attacks in which victims are sent copious numbers of responses from Portmapper servers. Tod Beardsley, security engineering manager at Rapid7, commented on the new DDoS reflection attack. Tod Beardsley, Security Engineering Manager at Rapid7: “Portmap (port 111/UDP) used to be a common service on many UNIX-like distributions, including Linux and Solaris. To hear this morning that it’s part of a “new DDoS” attack is very disorienting, as portmap attacks are by no means new. For 15 years or more, the stock advice about portmap has…
Author: Tod Beardsley
Following Amazon’s announcement of s2n (Signal to Noise), Tod Beardsley, security engineering manager from Rapid7, commented on the announcement. Tod Beardsley, Security Engineering Manager from Rapid7: “Amazon’s announcement of s2n (which stands for “Signal to Noise”) is pretty exciting news. It’s nearly always a good thing when a major Internet company like Amazon sets its sights on improving a core Internet technology like Transport Layer Security (TLS) in a responsive, open source way. After Heartbleed, we saw something similar from Google with their release of BoringSSL, as well as OpenBSD’s volunteer-driven LibreSSL. All of these projects promise a stripped down…