SlideShare a Scribd company logo

An Overview about open UDP Services

Download as PPTX, PDF
Bangladesh Network Operators Group
Bangladesh Network Operators Group

An Overview about open UDP Services

Internet
1 of 15
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 1 An Overview about open UDP Services Tarek Sendi – Security Evangelist https://team-cymru.com/community-services/
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 2 https://team-cymru.com/community-services/ • Introduction • Reflector and amplifier attacks • Bangladesh Stats • Approaches to reduce open UDP services • Goal for Bangladesh ISP • Conclusion & Questions Contents
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 3 https://team-cymru.com/community-services/nimbus-threat-monitor/ তারেক মূলত ততউতিতিযাি তিইআেটি-তত একজি ইরেন্ট হ্যান্ডলাে তহ্রিরে িাইোে তিতকউতেটিে প্রতিক্ষণ তিরযতিরলি এেং R&D- এে টিম তলড হ্রযতিরলি।"টিম িাইমরু"-এ, তারেক প্রতততিি েযেহ্ােকােী, অংিীিাে এেং েৃহ্ত্তে িম্প্রিারযে িারে িংর াগ কেরত কাজ করে। তারেক খি কম্পিউিারেে স্ক্রিরি আিরক োরক িা, তখি তি তাে িময োগারি কাজ করে এেং ফ ু িেল মযারে তগাল িা হ্াোরিাে জিয োিাধ্য তেষ্টা করে। Introduction
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 4 https://team-cymru.com/community-services/nimbus-threat-monitor/ Reflector and amplifier attacks DNS amplification attacks, NTP attacks, and Memcached DDOS are amplification attacks. In an amplification attack, the attacker sends a forged packet to the DNS server containing the IP address of the victim. The UDP server/service replies back to the victim instead with larger data. Other kinds of amplification attack include SMTP, SSDP, and so on.
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 5 https://team-cymru.com/community-services/nimbus-threat-monitor/ Reflector and amplifier attacks Protocol Bandwidth Amplification Factor DNS 28 to 54 NTP 556.9 SNMPv2 6.3 SSDP 30.8 CharGEN 358.8
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 6 • Bangladesh Stats Country Open Recursive DNS Open NTP Open SNMP Open SSDP Open CHARGEN DDOS Potential TBit/sec DDOS Rank India 224,172 130,387 43,093 68,185 323 84 11 Thailand 35,311 107,494 14,444 7,387 185 62 14 Australia 55,881 88,254 6,025 1,977 58 52 17 Bangladesh 47,046 25,714 12,389 53 12 16 38 Bulgaria 34,299 25,040 3,209 1,220 32 15 39 Pakistan 13,394 16,457 5,330 457 28 10 50 Puerto Rico 1,718 4,627 2,158 96 N/A 3 87 Copyright 2022, CyberGreen. All Rights Reserved.
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 7 Copyright 2022, CyberGreen. All Rights Reserved. • Open Recursive DNS • Bangladesh Stats (World rank #25)
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 8 • Bangladesh Stats (World rank #38) Copyright 2022, CyberGreen. All Rights Reserved. • Open NTP
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 9 • Bangladesh Stats (World rank #38) Copyright 2022, CyberGreen. All Rights Reserved. • Open SNMP
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 10 • Bangladesh Stats (World rank #38) Copyright 2022, CyberGreen. All Rights Reserved. • Open SNMP
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 11 • Bangladesh Stats (World rank #9) https://spoofer.caida.org/summary.php • Top Ten Spoofer Test Results (for the last year) Country Client IP blocks Spoofing IP blocks Blocking IP blocks Inconsistent IP blocks Client ASNs Spoofing ASNs Non-NAT NAT bra (Brazil) 2032328 (16.1%) 373 (18.4%) 1307 (64.3%) 24 (1.2%) 476195 (41.0%) ind (India) 1015151 (14.9%) 147 (14.5%) 712 (70.1%) 5 (0.5%) 4815 (31.3%) usa (United States) 1959117 (6.0%) 557 (28.4%) 1284 (65.5%) 1 (0.1%) 31173 (23.5%) egy (Egypt) 11998 (82.4%) 0 (0.0%) 21 (17.6%) 0 (0.0%) 53 (60.0%) arg (Argentina) 9944 (44.4%) 13 (13.1%) 42 (42.4%) 0 (0.0%) 175 (29.4%) irn (Iran) 25028 (11.2%) 17 (6.8%) 204 (81.6%) 1 (0.4%) 264 (15.4%) npl (Nepal) 5522 (40.0%) 8 (14.5%) 24 (43.6%) 1 (1.8%) 105 (50.0%) chn (China) 44221 (4.8%) 101 (22.9%) 318 (71.9%) 2 (0.5%) 4215 (35.7%) bgd (Bangladesh) 5419 (35.2%) 0 (0.0%) 35 (64.8%) 0 (0.0%) 2912 (41.4%) pol (Poland) 246 18 (7.3%) 18 (7.3%) 209 (85.0%) 1 (0.4%) 49 9 (18.4%)
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 12 https://team-cymru.com/community-services/ • Approaches to reduce the impact of open UDP services This is what we can do: • Adhere and use ingress filtering to block spoofed packets (IETF BCP 38 and BCP 84 guidelines). • Use traffic shaping on UDP service requests to ensure repeated access to over-the-Internet resources is not abusive. (rfc2475 and rfc3260) • Disable and remove unwanted services, or deny access to local services over the internet, e.g., for NTP or DNS • Add session handling to the protocols
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 13 https://team-cymru.com/community-services/ • Goal for Bangladesh ISP we hope to reduce the number of open UDP services in Bangladesh by any number.
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 14 Conclusion & Questions? https://team-cymru.com/community-services/
Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com Thank You! 15

Recommended

12 Years in DNS Security As a Defender
12 Years in DNS Security As a Defender12 Years in DNS Security As a Defender
12 Years in DNS Security As a DefenderBangladesh Network Operators Group
 
DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec APNIC
 
Route Leak Prevension with BGP Community
Route Leak Prevension with BGP CommunityRoute Leak Prevension with BGP Community
Route Leak Prevension with BGP CommunityBangladesh Network Operators Group
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Bruno Teixeira
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"abend_cve_9999_0001
 
Load Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesLoad Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesSeveralnines
 
GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)NetProtocol Xpert
 
Suricata
SuricataSuricata
Suricatatex_morgan
 

Recommended

12 Years in DNS Security As a Defender
12 Years in DNS Security As a Defender12 Years in DNS Security As a Defender
12 Years in DNS Security As a DefenderBangladesh Network Operators Group
 
DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec APNIC
 
Route Leak Prevension with BGP Community
Route Leak Prevension with BGP CommunityRoute Leak Prevension with BGP Community
Route Leak Prevension with BGP CommunityBangladesh Network Operators Group
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Bruno Teixeira
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"abend_cve_9999_0001
 
Load Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesLoad Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesSeveralnines
 
GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)GRE (Generic Routing Encapsulation)
GRE (Generic Routing Encapsulation)NetProtocol Xpert
 
Suricata
SuricataSuricata
Suricatatex_morgan
 
Tale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIXTale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIXBangladesh Network Operators Group
 
nftables - the evolution of Linux Firewall
nftables - the evolution of Linux Firewallnftables - the evolution of Linux Firewall
nftables - the evolution of Linux FirewallMarian Marinov
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Kentaro Ebisawa
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniquesamiable_indian
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Session hijacking
Session hijackingSession hijacking
Session hijackingGayatri Kapse
 
Routing and OSPF
Routing and OSPFRouting and OSPF
Routing and OSPFarpit
 
Nmap tutorial
Nmap tutorialNmap tutorial
Nmap tutorialVarun Kakumani
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
Building Active Directory Monitoring with Telegraf, InfluxDB, and Grafana
Building Active Directory Monitoring with Telegraf, InfluxDB, and GrafanaBuilding Active Directory Monitoring with Telegraf, InfluxDB, and Grafana
Building Active Directory Monitoring with Telegraf, InfluxDB, and GrafanaBoni Yeamin
 
Implementing BGP Flowspec at IP transit network
Implementing BGP Flowspec at IP transit networkImplementing BGP Flowspec at IP transit network
Implementing BGP Flowspec at IP transit networkPavel Odintsov
 
System hardening - OS and Application
System hardening - OS and ApplicationSystem hardening - OS and Application
System hardening - OS and Applicationedavid2685
 
Implementing IPv6 Segment Routing in the Linux kernel
Implementing IPv6 Segment Routing in the Linux kernelImplementing IPv6 Segment Routing in the Linux kernel
Implementing IPv6 Segment Routing in the Linux kernelOlivier Bonaventure
 
Directory services
Directory servicesDirectory services
Directory servicesChristalin Nelson
 
Testbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFCTestbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFCStefano Salsano
 
Netcat
NetcatNetcat
Netcatpenetration Tester
 
Wireless Investigations using Xplico
Wireless Investigations using XplicoWireless Investigations using Xplico
Wireless Investigations using XplicoChris Harrington
 
GoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdGoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdPavel Odintsov
 
Introduction to tcpdump
Introduction to tcpdumpIntroduction to tcpdump
Introduction to tcpdumpLev Walkin
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksSam Bowne
 
Strategica india report fdi
Strategica india report fdiStrategica india report fdi
Strategica india report fdiSaurav Sanyal
 
IPv6 Matrix Presentation - June 2013
IPv6 Matrix Presentation - June 2013IPv6 Matrix Presentation - June 2013
IPv6 Matrix Presentation - June 2013Olivier MJ Crépin-Leblond
 

More Related Content

What's hot

nftables - the evolution of Linux Firewall
nftables - the evolution of Linux Firewallnftables - the evolution of Linux Firewall
nftables - the evolution of Linux FirewallMarian Marinov
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Kentaro Ebisawa
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniquesamiable_indian
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Routing and OSPF
Routing and OSPFRouting and OSPF
Routing and OSPFarpit
 
Building Active Directory Monitoring with Telegraf, InfluxDB, and Grafana
Building Active Directory Monitoring with Telegraf, InfluxDB, and GrafanaBuilding Active Directory Monitoring with Telegraf, InfluxDB, and Grafana
Building Active Directory Monitoring with Telegraf, InfluxDB, and GrafanaBoni Yeamin
 
Implementing BGP Flowspec at IP transit network
Implementing BGP Flowspec at IP transit networkImplementing BGP Flowspec at IP transit network
Implementing BGP Flowspec at IP transit networkPavel Odintsov
 
System hardening - OS and Application
System hardening - OS and ApplicationSystem hardening - OS and Application
System hardening - OS and Applicationedavid2685
 
Implementing IPv6 Segment Routing in the Linux kernel
Implementing IPv6 Segment Routing in the Linux kernelImplementing IPv6 Segment Routing in the Linux kernel
Implementing IPv6 Segment Routing in the Linux kernelOlivier Bonaventure
 
Testbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFCTestbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFCStefano Salsano
 
Wireless Investigations using Xplico
Wireless Investigations using XplicoWireless Investigations using Xplico
Wireless Investigations using XplicoChris Harrington
 
GoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdGoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdPavel Odintsov
 
Introduction to tcpdump
Introduction to tcpdumpIntroduction to tcpdump
Introduction to tcpdumpLev Walkin
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksSam Bowne
 

What's hot (20)

Tale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIXTale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIX
 
nftables - the evolution of Linux Firewall
nftables - the evolution of Linux Firewallnftables - the evolution of Linux Firewall
nftables - the evolution of Linux Firewall
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 
Session hijacking
Session hijackingSession hijacking
Session hijacking
 
Routing and OSPF
Routing and OSPFRouting and OSPF
Routing and OSPF
 
Nmap tutorial
Nmap tutorialNmap tutorial
Nmap tutorial
 
NMAP
NMAPNMAP
NMAP
 
Building Active Directory Monitoring with Telegraf, InfluxDB, and Grafana
Building Active Directory Monitoring with Telegraf, InfluxDB, and GrafanaBuilding Active Directory Monitoring with Telegraf, InfluxDB, and Grafana
Building Active Directory Monitoring with Telegraf, InfluxDB, and Grafana
 
Implementing BGP Flowspec at IP transit network
Implementing BGP Flowspec at IP transit networkImplementing BGP Flowspec at IP transit network
Implementing BGP Flowspec at IP transit network
 
System hardening - OS and Application
System hardening - OS and ApplicationSystem hardening - OS and Application
System hardening - OS and Application
 
Implementing IPv6 Segment Routing in the Linux kernel
Implementing IPv6 Segment Routing in the Linux kernelImplementing IPv6 Segment Routing in the Linux kernel
Implementing IPv6 Segment Routing in the Linux kernel
 
Directory services
Directory servicesDirectory services
Directory services
 
Testbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFCTestbeds IntErconnections with L2 overlays - SRv6 for SFC
Testbeds IntErconnections with L2 overlays - SRv6 for SFC
 
Netcat
NetcatNetcat
Netcat
 
Wireless Investigations using Xplico
Wireless Investigations using XplicoWireless Investigations using Xplico
Wireless Investigations using Xplico
 
GoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdGoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPd
 
Introduction to tcpdump
Introduction to tcpdumpIntroduction to tcpdump
Introduction to tcpdump
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer Attacks
 

Similar to An Overview about open UDP Services

Strategica india report fdi
Strategica india report fdiStrategica india report fdi
Strategica india report fdiSaurav Sanyal
 
Detecting Malicious Websites using Machine Learning
Detecting Malicious Websites using Machine LearningDetecting Malicious Websites using Machine Learning
Detecting Malicious Websites using Machine LearningAndrew Beard
 
Footwear sourcing in indonesia and cambodia fdra (dec 2012)
Footwear sourcing in indonesia and cambodia fdra (dec 2012)Footwear sourcing in indonesia and cambodia fdra (dec 2012)
Footwear sourcing in indonesia and cambodia fdra (dec 2012)Cascade Asia Advisors
 
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Here
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is HereAccenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Here
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Hereaccenture
 
Trendeo industrial investment in asia may 2018
Trendeo industrial investment in asia may 2018Trendeo industrial investment in asia may 2018
Trendeo industrial investment in asia may 2018Trendeo
 
JCDL2015: How Well are Arabic Websites Archived?
JCDL2015: How Well are Arabic Websites Archived?JCDL2015: How Well are Arabic Websites Archived?
JCDL2015: How Well are Arabic Websites Archived?LulwahMA
 
Oliot samsung-daeyoungkim-kaist wide-version-final
Oliot samsung-daeyoungkim-kaist wide-version-finalOliot samsung-daeyoungkim-kaist wide-version-final
Oliot samsung-daeyoungkim-kaist wide-version-finalDaeyoung Kim
 
Ferreira c ai-se2013-final-handouts
Ferreira c ai-se2013-final-handoutsFerreira c ai-se2013-final-handouts
Ferreira c ai-se2013-final-handoutscaise2013vlc
 
SkyBridge Tactical Capabilities
SkyBridge Tactical CapabilitiesSkyBridge Tactical Capabilities
SkyBridge Tactical CapabilitiesC. R. Morgan
 
データセンターは世界にいくつ必要か
データセンターは世界にいくつ必要かデータセンターは世界にいくつ必要か
データセンターは世界にいくつ必要かToru Makabe
 
Using Amazon Machine Learning to Identify Trends in IoT Data - Technical 201
Using Amazon Machine Learning to Identify Trends in IoT Data - Technical 201Using Amazon Machine Learning to Identify Trends in IoT Data - Technical 201
Using Amazon Machine Learning to Identify Trends in IoT Data - Technical 201Amazon Web Services
 
Using amazon machine learning to identify trends in io t data technical 201
Using amazon machine learning to identify trends in io t data technical 201Using amazon machine learning to identify trends in io t data technical 201
Using amazon machine learning to identify trends in io t data technical 201Amazon Web Services
 
Procurement best practices
Procurement best practicesProcurement best practices
Procurement best practicesremoeneltigre
 
RIPE 76: Is IPv6 on for the rich?
RIPE 76: Is IPv6 on for the rich?RIPE 76: Is IPv6 on for the rich?
RIPE 76: Is IPv6 on for the rich?APNIC
 
David dean e friction refresh tunis ais 04jun15v3
David dean e friction refresh tunis ais 04jun15v3David dean e friction refresh tunis ais 04jun15v3
David dean e friction refresh tunis ais 04jun15v3AFRINIC
 

Similar to An Overview about open UDP Services (20)

Strategica india report fdi
Strategica india report fdiStrategica india report fdi
Strategica india report fdi
 
IPv6 Matrix Presentation - June 2013
IPv6 Matrix Presentation - June 2013IPv6 Matrix Presentation - June 2013
IPv6 Matrix Presentation - June 2013
 
Detecting Malicious Websites using Machine Learning
Detecting Malicious Websites using Machine LearningDetecting Malicious Websites using Machine Learning
Detecting Malicious Websites using Machine Learning
 
Footwear sourcing in indonesia and cambodia fdra (dec 2012)
Footwear sourcing in indonesia and cambodia fdra (dec 2012)Footwear sourcing in indonesia and cambodia fdra (dec 2012)
Footwear sourcing in indonesia and cambodia fdra (dec 2012)
 
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Here
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is HereAccenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Here
Accenture Technology Vision 2019 Ireland Findings: The Post Digital Era is Here
 
IP Transit : Simple Math - Simple Calculation
IP Transit : Simple Math - Simple CalculationIP Transit : Simple Math - Simple Calculation
IP Transit : Simple Math - Simple Calculation
 
正文年報102
正文年報102正文年報102
正文年報102
 
Trendeo industrial investment in asia may 2018
Trendeo industrial investment in asia may 2018Trendeo industrial investment in asia may 2018
Trendeo industrial investment in asia may 2018
 
JCDL2015: How Well are Arabic Websites Archived?
JCDL2015: How Well are Arabic Websites Archived?JCDL2015: How Well are Arabic Websites Archived?
JCDL2015: How Well are Arabic Websites Archived?
 
Oliot samsung-daeyoungkim-kaist wide-version-final
Oliot samsung-daeyoungkim-kaist wide-version-finalOliot samsung-daeyoungkim-kaist wide-version-final
Oliot samsung-daeyoungkim-kaist wide-version-final
 
IPv6 Deployment Update
IPv6 Deployment UpdateIPv6 Deployment Update
IPv6 Deployment Update
 
Observability on kubernetes
Observability on kubernetesObservability on kubernetes
Observability on kubernetes
 
Ferreira c ai-se2013-final-handouts
Ferreira c ai-se2013-final-handoutsFerreira c ai-se2013-final-handouts
Ferreira c ai-se2013-final-handouts
 
SkyBridge Tactical Capabilities
SkyBridge Tactical CapabilitiesSkyBridge Tactical Capabilities
SkyBridge Tactical Capabilities
 
データセンターは世界にいくつ必要か
データセンターは世界にいくつ必要かデータセンターは世界にいくつ必要か
データセンターは世界にいくつ必要か
 
Using Amazon Machine Learning to Identify Trends in IoT Data - Technical 201
Using Amazon Machine Learning to Identify Trends in IoT Data - Technical 201Using Amazon Machine Learning to Identify Trends in IoT Data - Technical 201
Using Amazon Machine Learning to Identify Trends in IoT Data - Technical 201
 
Using amazon machine learning to identify trends in io t data technical 201
Using amazon machine learning to identify trends in io t data technical 201Using amazon machine learning to identify trends in io t data technical 201
Using amazon machine learning to identify trends in io t data technical 201
 
Procurement best practices
Procurement best practicesProcurement best practices
Procurement best practices
 
RIPE 76: Is IPv6 on for the rich?
RIPE 76: Is IPv6 on for the rich?RIPE 76: Is IPv6 on for the rich?
RIPE 76: Is IPv6 on for the rich?
 
David dean e friction refresh tunis ais 04jun15v3
David dean e friction refresh tunis ais 04jun15v3David dean e friction refresh tunis ais 04jun15v3
David dean e friction refresh tunis ais 04jun15v3
 

More from Bangladesh Network Operators Group

Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephAccelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephBangladesh Network Operators Group
 
Contents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceBangladesh Network Operators Group
 
Re-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaRe-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaBangladesh Network Operators Group
 

More from Bangladesh Network Operators Group (20)

Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephAccelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
 
Recent IRR changes by Yoshinobu Matsuzaki, IIJ
Recent IRR changes by Yoshinobu Matsuzaki, IIJRecent IRR changes by Yoshinobu Matsuzaki, IIJ
Recent IRR changes by Yoshinobu Matsuzaki, IIJ
 
Fact Sheets : Network Status in Bangladesh
Fact Sheets : Network Status in BangladeshFact Sheets : Network Status in Bangladesh
Fact Sheets : Network Status in Bangladesh
 
AI Driven Wi-Fi for the Bottom of the Pyramid
AI Driven Wi-Fi for the Bottom of the PyramidAI Driven Wi-Fi for the Bottom of the Pyramid
AI Driven Wi-Fi for the Bottom of the Pyramid
 
IPv6 Security Overview by QS Tahmeed, APNIC RCT
IPv6 Security Overview by QS Tahmeed, APNIC RCTIPv6 Security Overview by QS Tahmeed, APNIC RCT
IPv6 Security Overview by QS Tahmeed, APNIC RCT
 
Network eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life ProductNetwork eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life Product
 
A plenarily integrated SIEM solution and it’s Deployment
A plenarily integrated SIEM solution and it’s DeploymentA plenarily integrated SIEM solution and it’s Deployment
A plenarily integrated SIEM solution and it’s Deployment
 
IPv6 Deployment in South Asia 2022
IPv6 Deployment in South Asia 2022IPv6 Deployment in South Asia 2022
IPv6 Deployment in South Asia 2022
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
 
RPKI Deployment Status in Bangladesh
RPKI Deployment Status in BangladeshRPKI Deployment Status in Bangladesh
RPKI Deployment Status in Bangladesh
 
Contents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User Experience
 
BdNOG-20220625-MT-v6.0.pptx
BdNOG-20220625-MT-v6.0.pptxBdNOG-20220625-MT-v6.0.pptx
BdNOG-20220625-MT-v6.0.pptx
 
MANRS for Network Operators
MANRS for Network OperatorsMANRS for Network Operators
MANRS for Network Operators
 
Re-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaRe-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with Grafana
 
RPKI ROA updates
RPKI ROA updatesRPKI ROA updates
RPKI ROA updates
 
Blockchain Demystified
Blockchain DemystifiedBlockchain Demystified
Blockchain Demystified
 
Measuring the Internet Economy: How Networks Create Value
Measuring the Internet Economy: How Networks Create ValueMeasuring the Internet Economy: How Networks Create Value
Measuring the Internet Economy: How Networks Create Value
 
RPKI Deployment Status in Bangladesh
RPKI Deployment Status in BangladeshRPKI Deployment Status in Bangladesh
RPKI Deployment Status in Bangladesh
 
Route Origin Validation - A MANRS Approach
Route Origin Validation - A MANRS ApproachRoute Origin Validation - A MANRS Approach
Route Origin Validation - A MANRS Approach
 
31, Get more from your IPv4 resources
31, Get more from your IPv4 resources31, Get more from your IPv4 resources
31, Get more from your IPv4 resources
 

Recently uploaded

Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 

Recently uploaded (20)

Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 

An Overview about open UDP Services

  • 1. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 1 An Overview about open UDP Services Tarek Sendi – Security Evangelist https://team-cymru.com/community-services/
  • 2. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 2 https://team-cymru.com/community-services/ • Introduction • Reflector and amplifier attacks • Bangladesh Stats • Approaches to reduce open UDP services • Goal for Bangladesh ISP • Conclusion & Questions Contents
  • 3. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 3 https://team-cymru.com/community-services/nimbus-threat-monitor/ তারেক মূলত ততউতিতিযাি তিইআেটি-তত একজি ইরেন্ট হ্যান্ডলাে তহ্রিরে িাইোে তিতকউতেটিে প্রতিক্ষণ তিরযতিরলি এেং R&D- এে টিম তলড হ্রযতিরলি।"টিম িাইমরু"-এ, তারেক প্রতততিি েযেহ্ােকােী, অংিীিাে এেং েৃহ্ত্তে িম্প্রিারযে িারে িংর াগ কেরত কাজ করে। তারেক খি কম্পিউিারেে স্ক্রিরি আিরক োরক িা, তখি তি তাে িময োগারি কাজ করে এেং ফ ু িেল মযারে তগাল িা হ্াোরিাে জিয োিাধ্য তেষ্টা করে। Introduction
  • 4. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 4 https://team-cymru.com/community-services/nimbus-threat-monitor/ Reflector and amplifier attacks DNS amplification attacks, NTP attacks, and Memcached DDOS are amplification attacks. In an amplification attack, the attacker sends a forged packet to the DNS server containing the IP address of the victim. The UDP server/service replies back to the victim instead with larger data. Other kinds of amplification attack include SMTP, SSDP, and so on.
  • 5. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 5 https://team-cymru.com/community-services/nimbus-threat-monitor/ Reflector and amplifier attacks Protocol Bandwidth Amplification Factor DNS 28 to 54 NTP 556.9 SNMPv2 6.3 SSDP 30.8 CharGEN 358.8
  • 6. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 6 • Bangladesh Stats Country Open Recursive DNS Open NTP Open SNMP Open SSDP Open CHARGEN DDOS Potential TBit/sec DDOS Rank India 224,172 130,387 43,093 68,185 323 84 11 Thailand 35,311 107,494 14,444 7,387 185 62 14 Australia 55,881 88,254 6,025 1,977 58 52 17 Bangladesh 47,046 25,714 12,389 53 12 16 38 Bulgaria 34,299 25,040 3,209 1,220 32 15 39 Pakistan 13,394 16,457 5,330 457 28 10 50 Puerto Rico 1,718 4,627 2,158 96 N/A 3 87 Copyright 2022, CyberGreen. All Rights Reserved.
  • 7. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 7 Copyright 2022, CyberGreen. All Rights Reserved. • Open Recursive DNS • Bangladesh Stats (World rank #25)
  • 8. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 8 • Bangladesh Stats (World rank #38) Copyright 2022, CyberGreen. All Rights Reserved. • Open NTP
  • 9. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 9 • Bangladesh Stats (World rank #38) Copyright 2022, CyberGreen. All Rights Reserved. • Open SNMP
  • 10. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 10 • Bangladesh Stats (World rank #38) Copyright 2022, CyberGreen. All Rights Reserved. • Open SNMP
  • 11. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 11 • Bangladesh Stats (World rank #9) https://spoofer.caida.org/summary.php • Top Ten Spoofer Test Results (for the last year) Country Client IP blocks Spoofing IP blocks Blocking IP blocks Inconsistent IP blocks Client ASNs Spoofing ASNs Non-NAT NAT bra (Brazil) 2032328 (16.1%) 373 (18.4%) 1307 (64.3%) 24 (1.2%) 476195 (41.0%) ind (India) 1015151 (14.9%) 147 (14.5%) 712 (70.1%) 5 (0.5%) 4815 (31.3%) usa (United States) 1959117 (6.0%) 557 (28.4%) 1284 (65.5%) 1 (0.1%) 31173 (23.5%) egy (Egypt) 11998 (82.4%) 0 (0.0%) 21 (17.6%) 0 (0.0%) 53 (60.0%) arg (Argentina) 9944 (44.4%) 13 (13.1%) 42 (42.4%) 0 (0.0%) 175 (29.4%) irn (Iran) 25028 (11.2%) 17 (6.8%) 204 (81.6%) 1 (0.4%) 264 (15.4%) npl (Nepal) 5522 (40.0%) 8 (14.5%) 24 (43.6%) 1 (1.8%) 105 (50.0%) chn (China) 44221 (4.8%) 101 (22.9%) 318 (71.9%) 2 (0.5%) 4215 (35.7%) bgd (Bangladesh) 5419 (35.2%) 0 (0.0%) 35 (64.8%) 0 (0.0%) 2912 (41.4%) pol (Poland) 246 18 (7.3%) 18 (7.3%) 209 (85.0%) 1 (0.4%) 49 9 (18.4%)
  • 12. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 12 https://team-cymru.com/community-services/ • Approaches to reduce the impact of open UDP services This is what we can do: • Adhere and use ingress filtering to block spoofed packets (IETF BCP 38 and BCP 84 guidelines). • Use traffic shaping on UDP service requests to ensure repeated access to over-the-Internet resources is not abusive. (rfc2475 and rfc3260) • Disable and remove unwanted services, or deny access to local services over the internet, e.g., for NTP or DNS • Add session handling to the protocols
  • 13. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 13 https://team-cymru.com/community-services/ • Goal for Bangladesh ISP we hope to reduce the number of open UDP services in Bangladesh by any number.
  • 14. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 14 Conclusion & Questions? https://team-cymru.com/community-services/
  • 15. Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com Thank You! 15

Editor's Notes

  1. https://team-cymru.com/community-services/nimbus-threat-monitor/
  2. https://team-cymru.com/community-services/nimbus-threat-monitor/
  3. https://team-cymru.com/community-services/nimbus-threat-monitor/
  4. https://team-cymru.com/community-services/nimbus-threat-monitor/
  5. https://team-cymru.com/community-services/nimbus-threat-monitor/
  6. https://team-cymru.com/community-services/nimbus-threat-monitor/
  7. You can use Session Persistence of various types of udp services
  8. You can use Session Persistence of various types of udp services