This is an automated archive made by the Lemmit Bot.
The original was posted on /r/selfhosted by /u/auge2 on 2025-05-28 20:20:18+00:00.
Quite a lot of servers running open-source coturn, which is a popular TURN/STUN server (used for Nextcloud video calls, for example), just got abused by an unknown third party to attack OVH hosts.
Apparently, coturn somehow allows unauthenticated reflection/amplification attacks. This resulted in a huge port scan attack against selected OVH hosts.
Hetzner (a popular server provider in Germany) banned hundreds of their internal servers which were part of that attack.
(Even more annoying, tomorrow is a national holiday in Germany and a lot of server hosting providers won't have support available to unban those servers.)
If you are running coturn, you probably should disable it until this situation is resolved. I guess most people running it won't even remember having that set up, since it is a passive tool that's easy to forget.