This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1371
Internet Wide Amplification Survey (MaxPain)
External Dataset
External Data Source
scans.io
Unknown
Unknown
52 (lowest rank is 52)

Category & Restrictions

Other
denial of service, network data, cyber attack
Unrestricted
true

Description


UDP scan and meassurement of public UDP services that could be used in relation to Amplified DDoS attacks.

The dataset consists of 20 UDP Services and 21 attack vectors. Data is collected in a JSON format with both the request and response. The dataset is composed through a custom service scanner that mimiks a single packet from an attack and records the response. Services covering: Chargen, DNS, SSDP, Portmap, SIP, TFTP, NetBIOS, MSSQL, Steam, NTP(Monlist/Readvar), SNMP, mDNS, QOTD, ICA, Sentinel, RIPv1, Quake3, CoAP, LDAP, Memcached. Notice the data collected does not include the UDP header only the data. I acknowledge that the scans has not been run on a fully regular basis. The data was used as part of a Proof-of-Concept in relation to a new attack vector named MaxPain

Additional Details

223.2MB
false
Unknown
maxpain, internet wide amplification survey (maxpain), 1371, wide, survey, amplification, external, inferlink corporation, corporation, inferlink, external data source, source, udp, services, relation, public, scan, ddos, meassurement, attacks, amplified, attack, dataset, collected, response, mssql, memcached, tftp, json, ssdp, steam, vector, mimiks, consists, sip, custom, regular, netbios, notice, sentinel, service, include, acknowledge, single, ntp, mdns, ica, snmp, ldap, scans, scanner, portmap, monlist, proof, ripv1, format, dns, packet, basis, composed, vectors, readvar, coap, chargen, header, qotd, request, named, other, covering, records, concept, quake3