Mirai Botnet’s New Wave: hailBot,kiraiBot, catDDoS, and Their Fierce Onslaught
October 3, 2023
I. Abstract In September 2023, NSFOCUS global threat hunting system monitored several new botnet variant families developed based on Mirai, among which hailBot, kiraiBot and catDDoS are the most active, are accelerating their spread, and are widely deployed, which has constituted a considerable threat. Through this article, we will disclose the technical details of these […]
Feature Adaptations on Slave ADSM in a High Availability Environment
September 15, 2023
Sometimes, to ensure continuous business operations in the event of equipment failure, it is a common practice to configure High Availability (HA) using two ADSM devices. You can configure High Availability (HA) in ADSM by navigating to Administration > Local Settings > HA Configuration. Master: Slave: The master handles all services and periodically synchronizes heartbeat […]
Turmoil in Libya: Major Industries Hit by Massive DDoS Attacks
September 12, 2023
I. Background In August, NSFOCUS Global Threat Hunting System spotted an abnormal trend of DDoS attacks against Libya. NSFOCUS Security Labs sorted out the traffic changes of DDoS attacks in August and found that this attack may be related to the turmoil in Libya in August by comparing it with key events in Libya in […]
Introduction to ADS’s HTTP Keyword Checking Policy
August 29, 2023
HTTP Keyword Checking is a process by which ADS controls HTTP traffic through the ADS device. In addition, ADS takes a specific action (Accept, Drop, Disconnect, Add to blacklist, Add to whitelist, or Limit rate) as configured on passing packets whose source IP address and specific fields match the HTTP Keyword Checking rule. HTTP Keyword […]
“Save” and “Apply” Buttons on ADS Configuration Page
August 3, 2023
When working with the ADS, it is important to understand the role of the “Apply ” and “Save” buttons located in the upper-right corner of the configuration pages. Apply: Clicking the “Apply” button will apply and enforce the configuration changes, making them effective in the RAM of the ADS. These changes will take effect immediately […]
Description of ADS Attack Logs: SYN Flood Logs (Part 1)
July 20, 2023
Introduction to SYN Flood A three-way handshake is required to establish a TCP connection. First, the client sends a TCP SYN packet to the server. The server responds to the client request with an SYN-ACK packet. Then the server waits and expects an ACK packet from the client. At this time, the connection is in […]
NSFOCUS Continuously Dominating the Anti-DDoS Hardware Market in China with Unparalleled Market Share
July 20, 2023
According to the IDC China Anti- DDoS Hardware Market Share, 2022: Opportunities and Challenges Coexist published on June 29, 2023, NSFOCUS, with its Anti-DDoS solution powered by a robust protection algorithm and excellent services, has again claimed the leading position in China’s Anti-DDoS hardware market. NSFOCUS keeps ahead of this market for many years running […]
Enhancing Campus Network Resilience: How NSFOCUS Anti-DDoS Solution Safeguards the Education Sector from DDoS Attacks
July 13, 2023
Customer Overview The customer is a leading research-intensive university in Asia, with a distinguished history and a reputation for excellence in teaching and research. The university has a large campus network that serves students, faculty, staff, external partners, and visitors. With the increasing threats of DDoS attacks, the customer recognized the need to implement a […]
Importing an NTA Configuration File
July 6, 2023
NTA allows users to import and export configuration files so as to meet users’ requirements for quick configuration restoration and local configuration file backup. To import a configuration file, perform the following steps: Choose Administration > System Configuration > Basic Information > Import Config. Select a configuration file to be imported and select desired items. […]
Global Threat Intelligence Function of NSFOCUS ADS
June 29, 2023
Powered by NSFOCUS Threat Intelligence (NTI), NSFOCUS ADS can block IP addresses that pose serious threats and high risks. To ensure data reliability, ADS updates intelligence data daily and provides available update time frames for users to select. For the purpose of preventing IP blocking by mistake, you can configure IP exceptions to exclude a […]
