Just about any protocol, if not protected properly, can be abused my attackers. We've see this recently with CLDAP being used in DDoS amplification attacks across the internet. In this article, I explain what DDoS amplification is and why leaving unneeded services on the internet provides attackers ammunition to quickly launch attacks against their victims. With any amplification DDoS, attackers rely on insecure, misconfigurationed or unpatched systems sitting on the public internet to be used as a weapon in their assault. At this point, our negligence in using technology properly (patching and configuration) becomes an enabler for attackers looking to abuse them for their own gain.