NSFOCUS Reveals New Botnet Family RDDoS
janeiro 16, 2024
1. Introduction of the New Botnet RDDoS In early November 2023, NSFOCUS’s Global Threat Hunting System detected that an unknown elf file was spreading widely, which aroused our vigilance. After further analysis, we confirmed that this batch of elf samples belonged to a new botnet family. NSFOCUS Security Research Labs named the botnet Trojan as […]
Troubleshooting for NTA and ADS Automatic Diversion
janeiro 5, 2024
When NTA detects abnormal traffic, it can notify ADS to divert the traffic. ADS sends route diversion notifications to the router, redirecting the traffic to ADS for cleaning. Based on this scenario, this article will summarize troubleshooting directions when traffic is not successfully diverted to ADS. 1. Check whether automatic diversion is triggered. You can […]
Introduction to NTA Automatic Diversion
dezembro 28, 2023
NTA supports configuring automatic diversion for Region/IP Group traffic alerts and Region/IP Group DDoS attack alerts. There are different diversion methods for various scenarios, including ADS Diversion, Flowspec Diversion, BGP Diversion, and Null-Route Diversion For the Region/IP Group traffic alert, the following conditions must be met to perform automatic diversion after the alert is triggered: […]
Differences between NTA Auto IP Diversion and Auto Group Diversion
dezembro 8, 2023
You may have seen that there are two diversion modes in NTA alerts. They are Auto IP diversion and Auto group diversion. The Auto group diversion is triggered by the Region/IP Group Traffic Alert (at step 3 when configuring Regions or IP Groups). The Auto IP diversion is triggered by the Region/IP Group DDoS Attack […]
An Explanation of Traffic Abnormal in the NTA DDoS Attack Alert
novembro 16, 2023
Traffic Abnormal does not differentiate between alert types. Any instance where the total traffic volume for a single destination IP exceeds the threshold is considered a traffic anomaly.
Why Isn’t My ChatGPT Working?
novembro 13, 2023
“My ChatGPT isn‘t working properly.“ “I can’t log in, and it’s not responding at all.” Just as OpenAI released a series of new features recently, ChatGPT experienced prolonged service disruptions last Wednesday. Subsequently, OpenAI issued a statement revealing that they were facing periodic outages across ChatGPT and the API due to a reflective Distributed Denial […]
NTA SMTP Functionality Usage
novembro 10, 2023
Customers can enable SMTP functionality to ensure timely receipt of alert notifications and device logs. Below are the steps to configure SMTP functionality. Configuring an SMTP Server 1. Choose Administration > Third-Party Interface > Email Service and click SMTP Server 2. Configure parameters Parameters for configuring an SMTP server: Parameter Description SMTP Server Address Specifies […]
Israeli-Palestinian Conflict: Multifaceted Alliances and Fierce Cyberspace Battle
outubro 23, 2023
Background On October 7th, accompanied by the launch of thousands of rockets, the Palestinian Islamic Resistance Movement (Hamas) declared a military operation against Israel. As real-world conflict escalated, hacktivist organizations from various countries, including Russia, India, Indonesia, and Iraq, began engaging in continuous cyber warfare within the cyberspace domains of both sides. The primary methods […]
Six Algorithms for Defending Against the Novel “HTTP/2 Rapid Reset” DDoS Attack
outubro 18, 2023
A recently discovered HTTP/2 protocol-based Distributed-Denial-of-Service (DDoS) vulnerability has been identified by multiple cloud service providers. This vulnerability enables attackers to achieve an unprecedented record of 398 million requests per second. This vulnerability has been identified as CVE-2023-44487, potentially making it one of the largest layer 7 DDoS attacks ever recorded. What is HTTP/2 Rapid […]
SSL Certificate Replacement Guide for NSFOCUS ADSM and Portal
outubro 12, 2023
When the SSL certificate for ADSM or ADSM Portal expires, we could replace it manually on the Web GUI. ADSM Click Choose File on Administration > Local Settings > SSL Certificate Replacement to upload .crt file and .key file. Then click Replace to update the SSL certificate. ADSM Portal Click Choose File on Administration > Third-Party Interface […]
