Note to all Network Administrators ;
Mode of attack thru port 80 and 111(port mapper)
If you open up port 111, I can see every available resources on your network and I can easily bypass any security you setup.
Solution run proxy server services but do not use standard 538(TCP & UDP) for gdomapping, use other ports. Once you configure the access of 1 pc without any issue, you then then expand to cover your entire network. Therefore you must be very familar with your firewall configurations, the difference between IP4 & IP6 protocol. There is no firewall software can block IP6, so you need to manually filter and isolate it, especially unknown packets, dropping all the packets. Therefore do not upgrade to IP6 yet but fall back on IP4 as the attackers are using IP6 to attack all networks.
– Contributed by Oogle