Comcast Takes Steps to Prevent Unintentional Network Abuse
The first step is to prevent distributed denial of service (DDoS) attacks that utilize Simple Network Management Protocol (SNMP) reflected amplification technique, the company said. This refers to an attack that can occur when SNMP queries with a spoofed source IP address are sent to subscribers’ customers' home gateway devices. Those home gateway devices, or routers, are customer-owned, and not Comcast-managed. The SNMP queries result in a response from a home gateway device that is reflected and amplified, directing an overwhelming volume of traffic against a target, according to the blog.