Threat Watch

Citrix Adds NetScaler ADC Setting to Block Recent DDoS Attacks

After confirming an issue with their DTLS, a TLS protocol for UDP, Citrix has added settings to enable administrators to protect against the recent Distributed Denial of Service (DDoS) against the NetScaler ADC appliance. The DDoS attack used DTLS to amplify network traffic sent to vulnerable devices and overwhelm network throughput. If the affected network does not already have enough bandwidth to endure a smaller Denial of Service attack, the ADC appliance would quickly overwhelm even larger networks belonging to Steam and Xbox’s services.

ANALYST NOTES

If any organization utilizes NetScaler ADC and DTLS, Citrix’s guidance is an essential step to protecting their assets. As of this writing, a new release has been pushed to allow for a new feature that will enable NetScaler ADC to verify the incoming DTLS connections. Temporary mitigations have also been released, which disables DTLS, but as noted by Citrix, that will lead to performance degradation in the appliance.

References and Resources:
https://www.zdnet.com/index.php/category/2381/index.php/article/citrix-devices-are-being-abused-as-ddos-attack-vectors/
https://www.bleepingcomputer.com/news/security/citrix-adds-netscaler-adc-setting-to-block-recent-ddos-attacks/

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch
Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support