A distributed reflective denial-of-service (DRDoS) is a form of distributed denial-of-service (DDoS) attack that relies on publicly accessible UDP servers and bandwidth amplification factors (BAFs) to overwhelm a victim’s system with UDP traffic. (us-cert.gov,2018). This article describes the steps to help protect against UDP Amplification Attack - TA14-017A.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
Administrators need to enable and configure DoS settings on the XG by following the below steps:
Note: The values that are already populated work for most networks. If you are having trouble with any traffic that is UDP based, you may need to increase the values assigned.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.