Has anyone else been affected by the Syn Flood Attack today reported by Griffen ISP
| ervice Request | |
| Ticket Number | 00751065 |
| Ticket Priority | IR - Information Request |
| Customer | Griffin Information Systems Limited |
| Service | |
| Site | |
| Service Reference Number | UNKNOWN |
| Customer Reference Number | |
| Request Logged | 07/02/2014 at 09:28:48 by Xan Manning |
| Request Details | |
| SYN Flood attack | |
| Update Details | |
| Dear Partner, Last month we became aware of an attack against users of the Zyxel P660 range of routers. We have today received an increased number of partners once again reporting disconnections on DSL services and the symptoms are in line with our previous experience. We have once again engaged the CPE vendor Zyxel who have confirmed the issue to be a SYN flood attack primarily affecting the the P660 series. As per our previous notification in January: This issue is impacting the wider ISP community and although we have are only seeing Zyxel hardware impacted, it is understood that other manufacturers are also impacted. In order to deter the attack, the current advice being given by Zyxel is to change the remote management port and lock down the remote management IP to a specific IP list. As with all hardware manufacturers - it is recommended that the latest firmware is in use however we can confirm that devices with the latest firmware are also impacted. At this time, we are recommending that the following steps be taken:- • Restrict remote management IP’s to a specific list or restrict to LAN only • Change remote management port (nb. Not required if restricted to LAN only) • Disable telnet access PLEASE NOTE – this information is being advised based on a typical, direct internet access setup and due to the nature of unmanaged CPE, these changes are only advisory as recommended by the manufacturer. Griffin cannot be held responsible for any impact to services as a result of these changes. It is strongly recommend these changes are reviewed prior to implementation to ensure they will not impact other services. |