What is this warning from the provider?

A

Anton2018-11-25 23:36:38

Microsoft

Anton, 2018-11-25 23:36:38

Such a warning came from the hoster, they are asked to take action.
I do not understand at all - what is it and what needs to be done:
Tell me.

spoiler

Tere
Te saate selle kirja kuna CERT-EE monitooring on avastanud teie võrgust haavatavad

seadmed. Internetti avatud MS-SQL Server Resolution Service, mis annab ülevaate kliendi

poolsest võrgust ja võimaldab avatud teenusega seadmete abil läbi viia

teenustõkestusründeid (DDoS).

https://kb.iweb.com/hc/en-us/articles/230268308-Gu...

ice-Access-Amplification-Issues

Soovitame kas:

- tulemüüril piirata pordi 1434/UDP liiklus

- piirata ligipääsu teenusele selliselt, et teenus oleks kättesaadav vaid neilt IP

aadressitelt, mis on vajalikud

- sulgeda SQL Server Browser Service

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Dmitry Makarov, 2018-11-25
@MDiMaI666

hi
You are receiving this email because CERT-EE monitoring has detected your network
hardware vulnerability. An Internet-enabled MS-SQL Server Permission Service that provides client visibility
from the network and allows devices to be opened using the
Deterrent Devices (DDoS) service.
https://kb.iweb.com/hc/en-us/articles/230268308-Gu ...
Ice-Amplification-Access Problems
We recommend either:
- Port 1434 / UDP traffic on the firewall
- Restrict access to the service to the service was available only to them from the IP address
required addresses
- close the SQL Server Browser Service

R

Ruslan Fedoseev, 2018-11-26
@martin74ua

not quite from the provider)
you have found an open port 1434/udp, which can be used as a DDOS amplification. Close the port, or configure the service correctly.