[MzHN]

Here's another thought. Could you use this to instead _attack_ someone from Microsoft's IP range?

Maybe not DDoS, but if the range is naively whitelisted, maybe something more precise due to the fact that the victim believes the environment to be isolated.

[joosters]

Hopefully MS block their sandboxes from contacting known ports, e.g. < 1024, so it would be difficult to attack common services, but who knows?

[jmvoodoo]

Based on the article it seems low ports work. Port 20 was posted by the beacon.