Since 19 December 2020 7pm CET we see a possible worldwide DDOS amplify attack against Citrix Gateway UDP:443 DTLS EDT services.
11.01.2021: Added information about the new Citrix ADC Gateway (formerly NetScaler) firmware releases, which solve the memory leak issue with -helloVerifiyRequest
24.12.2020: Added information about the official Citrix Knowledge Center article CTX289674
Added a final summary, that repeats all possible solutions
Maked it a lot clearer, that -helloVerifiyRequest doesn’t seem to work well
22.12.2020: Added a warning note, that -helloVerifiyRequest doesn’t work on all Citrix ADC (NetScaler) firmware versions
21.12.2020: Added a third possible solution regarding -helloVerifiyRequest
21.12.2020: Initial version
During the night from Saturday (19.12.2020) to Sunday (20.12.2020) our Zabbix Monitoring informed us, that several Citrix Gateway VPX (50) appliances were at its license cap. We investigated the situation and soon found out, that we had 0 ICA sessions on most of them, hence no explanation for the traffic.
If you have performed your first Dell Wyse ThinOS 9.0 tests by now, you might want to downgrade those devices back to 8.6 again. In this guide I’m showing you how.
For this test, I initially upgraded a Dell Wyse 3040 ThinClient with ThinOS to 9.0 with the Dell Wyse Management Suite 3.0. After my tests were finished, I wanted to use 8.6 on this device again, as I use it mainly to reconstruct customer issues, and most customers still use 8.6.