Plex media streaming service has some major security flaws

DDoS-for hire services are leveraging security flaws in Plex Media Server systems as a UDP reflection/amplication vector in DDoS attacks ...

DDoS-for hire services are leveraging security flaws in Plex Media Server systems as a UDP reflection/amplication vector in DDoS attacks according to new research from Netscout.

For those unfamiliar, Plex Media Server is a personal media library and streaming system that runs on a variety of operating systems including Windows, MacOS and Linux. There are also customized variants of the system made for NAS devices, external RAID storage units and digital media players.

During startup, Plex probes a user's local network using the G'Day Mate (GDM) nework/service discovery protocol in order to locate other compatible media devices and streaming clients. However, the software also uses SSDP probes to locate UPnP gateways on routers that have SSDP enabled. When a UPnP gateway is discovered this way, Plex attempts to utilize NAT-PMP to instantiate dynamic NAT forwarding rules on the router.

If successful, this exposes a Plex UPnP-enabled service registration responder to the general internet where it can be abused by cybercriminals to generate reflection/amplification DDoS attacks.

Reflection/amplification DDoS attacks

According to Netscout, amplified PMSSDP DDoS attack traffic consists of SSDP HTTP/U responses sourced from UDP/32414 on vulnerable routers directed toward attack targets with each amplified response packet ranging from 52 to 281 bytes in size.

So far the firm has identified 27,000 abusable PMSSDP reflectors/amplifiers with single-vector PMSSDP reflection/amplification DDoS attacks ranging in size from 2Gbps to 3GBps. However, multi-vector and omni-vector attacks incorporating PMSSDP range from the low tens of Gbps all the way up to 218Gbps.

In a blog post, principal engineer Roland Dobbins and senior network security analyst Steinthor Bjarnason at Netscout explained that even a single-vector PMSSDP reflection/amplification attack can be quite disruptive, saying:

“It should be noted that a single-vector PMSSDP reflection/amplification attack of ~2 Gbps – ~3 Gbps in size is often sufficient to have a significant negative impact on the availability of targeted networks/servers/services. The incidence of both single-vector and multi-/omni-vector reflection/amplification attacks leveraging PMSSDP has increased significantly since November of 2020, indicating its perceived utility to attackers.”

To protect against these kinds of DDoS attacks, Netscout recommends that network operators perform reconnaissance to identify any abusable PMSSDP reflectors/amplifiers on their networks and those of their customers. At the same time though, organizations should be employing some kind of DDoS protection.



from TechRadar - All the latest technology news https://ift.tt/3jmyk6W
via IFTTT

COMMENTS

BLOGGER
Name

Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,183,Video,5,XIAOMI,13,YouTube - 9to5Google,182,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Plex media streaming service has some major security flaws
Plex media streaming service has some major security flaws
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2021/02/plex-media-streaming-service-has-some.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2021/02/plex-media-streaming-service-has-some.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy