An Overview about open UDP Services

Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com
Tarek Sendi – Security Evangelist
https://team-cymru.com/community-services/

Contents
• Introduction
• Reflector and amplifier attacks
• Bangladesh Stats
• Approaches to reduce open UDP services
• Goal for Bangladesh ISP
• Conclusion & Questions

Introduction
Tarek originally trained in cyber security as an event handler at the Tunisian CERT and went on to become the R&D team lead. At Team Cymru, Tarek works to connect with everyday users, partners and the wider community. When Tarek is not stuck to a computer screen, he spends his time working in the garden and does his best not to concede goals in football matches.
https://team-cymru.com/community-services/nimbus-threat-monitor/

Reflector and amplifier attacks
DNS amplification attacks, NTP attacks, and Memcached DDoS are amplification attacks. In an amplification attack, the attacker sends a forged packet to a server (for example, a DNS server) with the victim's IP address as its source address. The UDP server/service sends its reply to the victim instead, and the reply is larger than the request. Other kinds of amplification attack include SMTP, SSDP, and so on.

| Protocol | Bandwidth Amplification Factor |
|----------|--------------------------------|
| DNS      | 28 to 54                       |
| NTP      | 556.9                          |
| SNMPv2   | 6.3                            |
| SSDP     | 30.8                           |
| CharGEN  | 358.8                          |

Bangladesh Stats

| Country     | Open Recursive DNS | Open NTP | Open SNMP | Open SSDP | Open CHARGEN | DDOS Potential TBit/sec | DDOS Rank |
|-------------|--------------------|----------|-----------|-----------|--------------|-------------------------|-----------|
| India       | 224,172            | 130,387  | 43,093    | 68,185    | 323          | 84                      | 11        |
| Thailand    | 35,311             | 107,494  | 14,444    | 7,387     | 185          | 62                      | 14        |
| Australia   | 55,881             | 88,254   | 6,025     | 1,977     | 58           | 52                      | 17        |
| Bangladesh  | 47,046             | 25,714   | 12,389    | 53        | 12           | 16                      | 38        |
| Bulgaria    | 34,299             | 25,040   | 3,209     | 1,220     | 32           | 15                      | 39        |
| Pakistan    | 13,394             | 16,457   | 5,330     | 457       | 28           | 10                      | 50        |
| Puerto Rico | 1,718              | 4,627    | 2,158     | 96        | N/A          | 3                       | 87        |

Copyright 2022, CyberGreen. All Rights Reserved.

Bangladesh Stats (World rank #25)
• Open Recursive DNS

Bangladesh Stats (World rank #38)
• Open NTP

Bangladesh Stats (World rank #38)
• Open SNMP

Bangladesh Stats (World rank #38)
• Open SNMP

Bangladesh Stats (World rank #9)
https://spoofer.caida.org/summary.php
• Top Ten Spoofer Test Results (for the last year)

| Country             | Client IP blocks | Spoofing IP blocks (Non-NAT) | Spoofing IP blocks (NAT) | Blocking IP blocks | Inconsistent IP blocks | Client ASNs | Spoofing ASNs |
|---------------------|------------------|------------------------------|--------------------------|--------------------|------------------------|-------------|---------------|
| bra (Brazil)        | 2032             | 328 (16.1%)                  | 373 (18.4%)              | 1307 (64.3%)       | 24 (1.2%)              | 476         | 195 (41.0%)   |
| ind (India)         | 1015             | 151 (14.9%)                  | 147 (14.5%)              | 712 (70.1%)        | 5 (0.5%)               | 48          | 15 (31.3%)    |
| usa (United States) | 1959             | 117 (6.0%)                   | 557 (28.4%)              | 1284 (65.5%)       | 1 (0.1%)               | 311         | 73 (23.5%)    |
| egy (Egypt)         | 119              | 98 (82.4%)                   | 0 (0.0%)                 | 21 (17.6%)         | 0 (0.0%)               | 5           | 3 (60.0%)     |
| arg (Argentina)     | 99               | 44 (44.4%)                   | 13 (13.1%)               | 42 (42.4%)         | 0 (0.0%)               | 17          | 5 (29.4%)     |
| irn (Iran)          | 250              | 28 (11.2%)                   | 17 (6.8%)                | 204 (81.6%)        | 1 (0.4%)               | 26          | 4 (15.4%)     |
| npl (Nepal)         | 55               | 22 (40.0%)                   | 8 (14.5%)                | 24 (43.6%)         | 1 (1.8%)               | 10          | 5 (50.0%)     |
| chn (China)         | 442              | 21 (4.8%)                    | 101 (22.9%)              | 318 (71.9%)        | 2 (0.5%)               | 42          | 15 (35.7%)    |
| bgd (Bangladesh)    | 54               | 19 (35.2%)                   | 0 (0.0%)                 | 35 (64.8%)         | 0 (0.0%)               | 29          | 12 (41.4%)    |
| pol (Poland)        | 246              | 18 (7.3%)                    | 18 (7.3%)                | 209 (85.0%)        | 1 (0.4%)               | 49          | 9 (18.4%)     |

Approaches to reduce the impact of open UDP services
This is what we can do:
• Adhere to and use ingress filtering to block spoofed packets (IETF BCP 38 and BCP 84 guidelines).
• Use traffic shaping on UDP service requests to ensure repeated access to over-the-Internet resources is not abusive (RFC 2475 and RFC 3260).
• Disable and remove unwanted services, or deny access to local services over the Internet, e.g., for NTP or DNS.
• Add session handling to the protocols.
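
An added example, not part of the original slides: a small Python model of two of the measures above, BCP 38 source validation on customer-facing interfaces and per-client rate limiting of requests to the UDP services in the amplification table. The interface names, prefixes (RFC 5737 documentation space), sample packets and the rate and burst values are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed topology: customer-facing interfaces and the prefixes assigned to
# them (RFC 5737 documentation address space, not real customers).
CUSTOMER_PREFIXES = {
    "cust-a": [ipaddress.ip_network("192.0.2.0/25")],
    "cust-b": [ipaddress.ip_network("198.51.100.0/24")],
}

# UDP ports of the services listed in the amplification-factor table.
REFLECTOR_PORTS = {19: "CharGEN", 53: "DNS", 123: "NTP", 161: "SNMP", 1900: "SSDP"}


@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on
    src: str     # claimed source address
    dport: int   # UDP destination port
    ts: float    # arrival time in seconds


def ingress_permits(pkt: Packet) -> bool:
    """BCP 38 check: the source must lie inside a prefix assigned to the
    interface the packet arrived on; anything else is treated as spoofed."""
    src = ipaddress.ip_address(pkt.src)
    return any(src in net for net in CUSTOMER_PREFIXES.get(pkt.iface, []))


class TokenBucket:
    """Allows `burst` requests at once, then `rate` requests per second."""

    def __init__(self, rate: float, burst: int, now: float):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), now

    def allow(self, now: float) -> bool:
        # Refill for the elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class EdgePolicy:
    """Source validation first, then shaping of requests to reflector ports.
    Keying the bucket on the source is only meaningful after validation,
    because a forged source would otherwise pick its own bucket."""

    def __init__(self, rate: float = 1.0, burst: int = 3):
        self.rate, self.burst = rate, burst
        self.buckets = {}

    def decide(self, pkt: Packet) -> str:
        if not ingress_permits(pkt):
            return "drop-spoofed"
        if pkt.dport in REFLECTOR_PORTS:
            key = (pkt.src, pkt.dport)
            if key not in self.buckets:
                self.buckets[key] = TokenBucket(self.rate, self.burst, pkt.ts)
            if not self.buckets[key].allow(pkt.ts):
                return "drop-rate-limited"
        return "forward"


def run(packets):
    """Apply one fresh policy instance to a sequence of packets."""
    policy = EdgePolicy()
    return [policy.decide(p) for p in packets]


# Constructed sample traffic.
SAMPLE = [
    Packet("cust-a", "192.0.2.10", 53, 0.0),      # legitimate DNS query
    Packet("cust-a", "203.0.113.7", 123, 0.1),    # source outside any customer prefix
    Packet("cust-b", "192.0.2.10", 53, 0.2),      # valid address, wrong interface
    Packet("cust-b", "198.51.100.20", 123, 1.0),  # burst of NTP requests ...
    Packet("cust-b", "198.51.100.20", 123, 1.1),
    Packet("cust-b", "198.51.100.20", 123, 1.2),
    Packet("cust-b", "198.51.100.20", 123, 1.3),  # ... fourth one exceeds the burst
    Packet("cust-b", "198.51.100.20", 123, 3.0),  # bucket has refilled
    Packet("cust-b", "198.51.100.20", 443, 3.0),  # not a listed reflector port
]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, run(SAMPLE)):
        print(f"{pkt.iface:7} {pkt.src:15} udp/{pkt.dport:<5} t={pkt.ts:<4} {verdict}")
```
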

Goal for Bangladesh ISP
We hope to reduce the number of open UDP services in Bangladesh by any number.

Conclusion & Questions?
https://team-cymru.com/community-services/

Thank You!

Editor's Notes

  1. https://team-cymru.com/community-services/nimbus-threat-monitor/
  2. You can use Session Persistence of various types of UDP services