Team Cymru. Copyright ©2022. All Rights Reserved. | Visit Us At www.team-cymru.com | Contact Us At outreach@cymru.com 1
An Overview about open UDP Services
Tarek Sendi – Security Evangelist
https://team-cymru.com/community-services/
Contents
• Introduction
• Reflector and amplifier attacks
• Bangladesh Stats
• Approaches to reduce open UDP services
• Goal for Bangladesh ISP
• Conclusion & Questions
https://team-cymru.com/community-services/nimbus-threat-monitor/
Introduction
Tarek originally trained in cybersecurity as an event handler at the Tunisian CERT and became team lead for R&D. At Team Cymru, Tarek works every day to connect with users, partners, and the wider community. When Tarek is not stuck to a computer screen, he works in his garden and does his best not to miss a goal in football matches.
Reflector and amplifier attacks
DNS amplification attacks, NTP attacks, and Memcached DDoS are amplification attacks. In an amplification attack, the attacker sends a forged packet to a UDP server (for example, a DNS server) that carries the victim's IP address as its source address. The UDP server/service then replies to the victim instead of the attacker, with more data than the request contained. Other kinds of amplification attack include SMTP, SSDP, and so on.
| Protocol | Bandwidth Amplification Factor |
|---|---|
| DNS | 28 to 54 |
| NTP | 556.9 |
| SNMPv2 | 6.3 |
| SSDP | 30.8 |
| CharGEN | 358.8 |
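On the reflector's side this pattern is visible in flow records: an outside address sends small requests to a local UDP service and is sent far more bytes in return. The following is an added example, not part of the original slides, that flags such pairs for the protocols in the table; the flow records, the 10x ratio threshold and the 1000-byte floor are constructed assumptions.

```python
from collections import defaultdict
from typing import NamedTuple

# Well-known ports of the UDP services listed in the amplification table.
AMPLIFIER_PORTS = {53: "DNS", 123: "NTP", 161: "SNMPv2", 1900: "SSDP", 19: "CharGEN"}


class Flow(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    nbytes: int


def find_abused_reflectors(flows, local_hosts, min_ratio=10.0, min_reply_bytes=1000):
    """Flag (local service, remote address) pairs whose replies dwarf the requests."""
    # (local host, service port, remote address) -> [request bytes, reply bytes]
    totals = defaultdict(lambda: [0, 0])
    for f in flows:
        if f.proto != "udp":
            continue
        if f.dst in local_hosts and f.src not in local_hosts and f.dport in AMPLIFIER_PORTS:
            totals[(f.dst, f.dport, f.src)][0] += f.nbytes
        elif f.src in local_hosts and f.dst not in local_hosts and f.sport in AMPLIFIER_PORTS:
            totals[(f.src, f.sport, f.dst)][1] += f.nbytes

    findings = []
    for (host, port, remote), (req, rep) in totals.items():
        # Replies with no recorded request (sampling, asymmetric paths) give
        # no ratio, and tiny reply volumes are not worth reporting.
        if req == 0 or rep < min_reply_bytes:
            continue
        ratio = rep / req
        if ratio >= min_ratio:
            # The remote address is only the *claimed* source; if it was
            # forged, it is the victim receiving the replies.
            findings.append({"reflector": host, "service": AMPLIFIER_PORTS[port],
                             "claimed_source": remote, "ratio": round(ratio, 1)})
    return sorted(findings, key=lambda x: x["ratio"], reverse=True)


# Constructed flow records (documentation address ranges), not real traffic.
LOCAL_HOSTS = {"192.0.2.10", "192.0.2.53"}
SAMPLE_FLOWS = [
    Flow("198.51.100.20", 123, "192.0.2.10", 123, "udp", 76),      # ordinary NTP exchange
    Flow("192.0.2.10", 123, "198.51.100.20", 123, "udp", 76),
    Flow("203.0.113.7", 40000, "192.0.2.10", 123, "udp", 234),     # small requests ...
    Flow("192.0.2.10", 123, "203.0.113.7", 40000, "udp", 48000),   # ... very large replies
    Flow("198.51.100.20", 5353, "192.0.2.53", 53, "udp", 64),      # ordinary DNS lookup
    Flow("192.0.2.53", 53, "198.51.100.20", 5353, "udp", 120),
    Flow("203.0.113.7", 1234, "192.0.2.53", 53, "udp", 640),
    Flow("192.0.2.53", 53, "203.0.113.7", 1234, "udp", 25600),
    Flow("198.51.100.20", 50000, "192.0.2.53", 53, "tcp", 900),    # TCP is ignored
]

if __name__ == "__main__":
    for finding in find_abused_reflectors(SAMPLE_FLOWS, LOCAL_HOSTS):
        print(finding)
```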
• Bangladesh Stats
| Country | Open Recursive DNS | Open NTP | Open SNMP | Open SSDP | Open CHARGEN | DDOS Potential TBit/sec | DDOS Rank |
|---|---|---|---|---|---|---|---|
| India | 224,172 | 130,387 | 43,093 | 68,185 | 323 | 84 | 11 |
| Thailand | 35,311 | 107,494 | 14,444 | 7,387 | 185 | 62 | 14 |
| Australia | 55,881 | 88,254 | 6,025 | 1,977 | 58 | 52 | 17 |
| Bangladesh | 47,046 | 25,714 | 12,389 | 53 | 12 | 16 | 38 |
| Bulgaria | 34,299 | 25,040 | 3,209 | 1,220 | 32 | 15 | 39 |
| Pakistan | 13,394 | 16,457 | 5,330 | 457 | 28 | 10 | 50 |
| Puerto Rico | 1,718 | 4,627 | 2,158 | 96 | N/A | 3 | 87 |
Copyright 2022, CyberGreen. All Rights Reserved.
• Bangladesh Stats (World rank #25): Open Recursive DNS
• Bangladesh Stats (World rank #38): Open NTP
• Bangladesh Stats (World rank #38): Open SNMP
• Bangladesh Stats (World rank #9)
https://spoofer.caida.org/summary.php
• Top Ten Spoofer Test Results (for the last year)
| Country | Client IP blocks | Spoofing IP blocks (Non-NAT) | Spoofing IP blocks (NAT) | Blocking IP blocks | Inconsistent IP blocks | Client ASNs | Spoofing ASNs |
|---|---|---|---|---|---|---|---|
| bra (Brazil) | 2032 | 328 (16.1%) | 373 (18.4%) | 1307 (64.3%) | 24 (1.2%) | 476 | 195 (41.0%) |
| ind (India) | 1015 | 151 (14.9%) | 147 (14.5%) | 712 (70.1%) | 5 (0.5%) | 48 | 15 (31.3%) |
| usa (United States) | 1959 | 117 (6.0%) | 557 (28.4%) | 1284 (65.5%) | 1 (0.1%) | 311 | 73 (23.5%) |
| egy (Egypt) | 119 | 98 (82.4%) | 0 (0.0%) | 21 (17.6%) | 0 (0.0%) | 5 | 3 (60.0%) |
| arg (Argentina) | 99 | 44 (44.4%) | 13 (13.1%) | 42 (42.4%) | 0 (0.0%) | 17 | 5 (29.4%) |
| irn (Iran) | 250 | 28 (11.2%) | 17 (6.8%) | 204 (81.6%) | 1 (0.4%) | 26 | 4 (15.4%) |
| npl (Nepal) | 55 | 22 (40.0%) | 8 (14.5%) | 24 (43.6%) | 1 (1.8%) | 10 | 5 (50.0%) |
| chn (China) | 442 | 21 (4.8%) | 101 (22.9%) | 318 (71.9%) | 2 (0.5%) | 42 | 15 (35.7%) |
| bgd (Bangladesh) | 54 | 19 (35.2%) | 0 (0.0%) | 35 (64.8%) | 0 (0.0%) | 29 | 12 (41.4%) |
| pol (Poland) | 246 | 18 (7.3%) | 18 (7.3%) | 209 (85.0%) | 1 (0.4%) | 49 | 9 (18.4%) |
• Approaches to reduce the impact of open UDP services
This is what we can do:
• Adhere to and use ingress filtering to block spoofed packets (IETF BCP 38 and BCP 84 guidelines).
• Use traffic shaping on UDP service requests to ensure that repeated access to over-the-Internet resources is not abusive (RFC 2475 and RFC 3260).
• Disable and remove unwanted services, or deny access to local services over the Internet, e.g., for NTP or DNS.
• Add session handling to the protocols.
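An added example, not part of the original slides, that combines the first three measures in one decision function for an ISP edge: source-address validation per customer interface (BCP 38), no access to local DNS/NTP from the Internet, and a token bucket standing in for traffic shaping. The interface names, prefixes, rates and the `EdgePolicy` and `TokenBucket` names are hypothetical.

```python
import ipaddress

# Constructed topology (documentation address ranges); interface names are hypothetical.
CUSTOMER_PREFIXES = {
    "cust-1": [ipaddress.ip_network("192.0.2.0/25")],
    "cust-2": [ipaddress.ip_network("192.0.2.128/25"),
               ipaddress.ip_network("2001:db8:2::/48")],
}
UPLINK = "uplink"                  # Internet-facing interface
LOCAL_UDP_SERVICES = {53, 123}     # resolver and NTP meant for customers only


class TokenBucket:
    """Meters requests: `rate` tokens per second, at most `burst` stored."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), None

    def allow(self, now):
        if self.last is not None:
            elapsed = max(0.0, now - self.last)
            self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class EdgePolicy:
    def __init__(self, prefixes, rate=2.0, burst=3):
        self.prefixes, self.rate, self.burst = prefixes, rate, burst
        self.buckets = {}  # one bucket per validated source address

    def decide(self, interface, src, dport, now):
        """Return 'accept' or 'drop: <reason>' for one inbound UDP packet."""
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            return "drop: malformed source"
        if interface == UPLINK:
            # Local services are not offered to the Internet at all.
            if dport in LOCAL_UDP_SERVICES:
                return "drop: local service not exposed"
            return "accept"
        # BCP 38: the source must belong to a prefix assigned to this interface.
        # Unknown interfaces have no prefixes, so they fail closed.
        nets = self.prefixes.get(interface, [])
        if not any(addr in net for net in nets):
            return "drop: spoofed source"
        if dport in LOCAL_UDP_SERVICES:
            bucket = self.buckets.setdefault(addr, TokenBucket(self.rate, self.burst))
            if not bucket.allow(now):
                return "drop: rate limit"
        return "accept"


def run_demo():
    policy = EdgePolicy(CUSTOMER_PREFIXES)
    packets = [  # constructed: (interface, source, destination port, time in seconds)
        ("cust-1", "192.0.2.10", 53, 0.0),      # legitimate customer query
        ("cust-1", "203.0.113.7", 123, 0.0),    # forged source, not in cust-1's prefix
        ("cust-2", "192.0.2.10", 53, 0.0),      # real prefix, but on the wrong interface
        ("cust-2", "2001:db8:2::5", 123, 0.0),  # IPv6 customer
        ("uplink", "198.51.100.9", 53, 0.0),    # Internet host reaching for the resolver
        ("cust-1", "192.0.2.10", 53, 0.1),
        ("cust-1", "192.0.2.10", 53, 0.2),
        ("cust-1", "192.0.2.10", 53, 0.3),      # fourth query in 0.3 s exceeds the burst
        ("cust-1", "192.0.2.10", 53, 2.0),      # bucket has refilled
    ]
    return [policy.decide(*p) for p in packets]


if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```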
• Goal for Bangladesh ISP
We hope to reduce the number of open UDP services in Bangladesh by any number.
Conclusion & Questions?
Thank You!


Editor's Notes

  • You can use session persistence with various types of UDP services.