|
|
本帖最后由 ReActRailGun 于 2020-12-2 17:39 编辑
We have received a security alert from the German Federal Office for Information Security (BSI).
Please see the original report included below for details.
We are automatically forwarding this alert on to you, for your information.
You do not need to send us, or the BSI, a response.
However, we do ask that you check the alert and to resolve any potential issues.
Additional information is provided with the HOWTOs referenced in the report.
In case of further questions, please contact [email protected] and keep the ticket number of the original report [CB-Report#...] in the subject line. Do not reply to <[email protected]> as this is just the sender address for the reports and messages sent to this address will not be read.
Kind regards
Abuse Team
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen / Germany
Tel: +49 9831 5050
Fax: +49 9831 5053
www.hetzner.com
Register Court: Registergericht Ansbach, HRB 6089
CEO: Martin Hetzner, Stephan Konvickova, Günther Müller
For the purposes of this communication, we may save some
of your personal data. For information on our data privacy
policy, please see: www.hetzner.com/datenschutzhinweis
On 02 Dec 06:30, [email protected] wrote:
Dear Sir or Madam,
NetBIOS defines a software interface and a naming convention.
NetBIOS over TCP/IP provides the NetBIOS programming interface
over the TCP/IP protocol.
Over the past months, systems responding to NetBIOS nameservice
requests from anywhere on the Internet have been increasingly
abused for DDoS reflection attacks against third parties.
Please find below a list of affected systems hosted on your network.
The timestamp (timezone UTC) indicates when the openly accessible
NetBIOS nameservice was identified.
We would like to ask you to check this issue and take appropriate
steps to secure the NetBIOS nameservices services on the affected
systems or notify your customers accordingly.
If you have recently solved the issue but received this notification
again, please note the timestamp included below. You should not
receive any further notifications with timestamps after the issue
has been solved.
Additional information on this notification, advice on how to fix
reported issues and answers to frequently asked questions:
<https://reports.cert-bund.de/en/>
This message is digitally signed using PGP.
Information on the signature key is available at:
<https://reports.cert-bund.de/en/digital-signature>
Please note:
This is an automatically generated message. Replies to the
sender address <[email protected]> will NOT be read
but silently be discarded. In case of questions, please contact
<[email protected]> and keep the ticket number [CB-Report#...]
of this message in the subject line.
Affected systems on your network:
Format: ASN | IP | Timestamp (UTC) | Workgroup name | Machine name
24940 | 2020-12-01 01:22:47 | WORKGROUP | WIN-DTMS9LSNUTV
Mit freundlichen Gren / Kind regards
Team CERT-Bund
Bundesamt fr Sicherheit in der Informationstechnik
Federal Office for Information Security (BSI)
Referat OC25 - CERT-Bund
Godesberger Allee 185-189, 53175 Bonn, Germany |
|
发表于 2020-12-2 17:37:35
QQ好友和群
QQ空间
收藏
楼主