Wednesday, February 8, 2012

Performance Issue Identified


Corrective steps are being taken.

The slowness we suffered today for about an hour has been identified. In fact, the last several slowness issues we have had are the result of this same issue: brute force assaults on the db. We were getting over 2000 login attempts per minute.

The attackers are going for our port 1433, which is a standard port for ODBC connections.

We are now working to move to a random port. This is not perfect, and there is no way to stop attackers from trying. But if your services are not on a standard port (ours currently is), the attackers don’t waste the time to find which port you might be using and simply move on to the next victim.

Once we have this working on our end, we will provide all sites currently running scanners with step-by-step instructions to change your ODBC connection from your side, and then we will close port 1433 on our end.
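
A defender-side check for the login flood described in this post, as an added example that is not part of the original post: it counts failed logins per minute, in total and per client, from database log lines. The log format (SQL Server error-log style), the sample lines and the threshold are assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample lines in an assumed SQL Server error-log style.
SAMPLE_LOG = """\
2012-02-08 14:03:01.12 Logon       Error: 18456, Severity: 14, State: 8.
2012-02-08 14:03:01.12 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.5]
2012-02-08 14:03:02.40 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.5]
2012-02-08 14:03:02.91 Logon       Login failed for user 'admin'. Reason: Could not find a login matching the name provided. [CLIENT: 203.0.113.5]
2012-02-08 14:03:30.05 Logon       Login failed for user 'scanner01'. Reason: Password did not match that for the login provided. [CLIENT: 198.51.100.7]
2012-02-08 14:03:59.77 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.5]
2012-02-08 14:04:00.10 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.5]
"""

# Timestamp is captured only down to the minute so it can serve as the bucket key.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}):\d{2}\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'.*\[CLIENT: (?P<client>[^\]]+)\]"
)

def failed_logins_per_minute(log_text):
    """Count failed logins keyed by (minute, client address)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:  # lines that are not failed-login records are skipped
            minute = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M")
            counts[(minute, m.group("client"))] += 1
    return counts

def totals_per_minute(counts):
    """Collapse per-client counts into one total per minute (catches distributed floods)."""
    totals = Counter()
    for (minute, _client), n in counts.items():
        totals[minute] += n
    return totals

def flag_bursts(counts, threshold):
    """Return (minute, client, n) for every client at or above the threshold in a minute."""
    return sorted((mi, c, n) for (mi, c), n in counts.items() if n >= threshold)

if __name__ == "__main__":
    counts = failed_logins_per_minute(SAMPLE_LOG)
    # Threshold of 3 suits the tiny sample only; pick one from your own baseline.
    for minute, client, n in flag_bursts(counts, threshold=3):
        print(f"{minute:%Y-%m-%d %H:%M} {client} {n} failed logins")
    for minute, n in sorted(totals_per_minute(counts).items()):
        print(f"{minute:%Y-%m-%d %H:%M} total {n}")
```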