The Shadowserver Foundation Vulnerable NAT-PMP Device Scanning Project
OVERVIEW
NATPMPSCAN.SHADOWSERVER.ORG TRAFFIC
Date Range
Date Range
Date Range
LINKS TO WEBSITE
WHAT DOES NATPMPSCAN.SHADOWSERVER.ORG LOOK LIKE?
NATPMPSCAN.SHADOWSERVER.ORG SERVER
SERVER SOFTWARE
We identified that this website is implementing the Apache/2.4.18 (Ubuntu) server.SITE TITLE
The Shadowserver Foundation Vulnerable NAT-PMP Device Scanning ProjectDESCRIPTION
Vulnerable NAT-PMP Device Scanning Project. If you are looking at this page, then more than likely, you noticed a scan coming from this server across your network andor poking at port 5351udp. Exposed NAT-PMP services have the potential to expose information about a clients network without the clients knowledge. Information on these vulnerable devices has been incorporated into our reports. And are being reported on a daily basis. Reswodahs ta nac bar. For hints on decoding the response. To be remov.PARSED CONTENT
The website natpmpscan.shadowserver.org states the following, "If you are looking at this page, then more than likely, you noticed a scan coming from this server across your network andor poking at port 5351udp." I analyzed that the website said " Exposed NAT-PMP services have the potential to expose information about a clients network without the clients knowledge." They also stated " Information on these vulnerable devices has been incorporated into our reports. And are being reported on a daily basis. For hints on decoding the response."ANALYZE OTHER WEBSITES
The Shadowserver Foundation is currently undertaking a project to search for publicly accessible devices that have NetBIOS running and answering Name Resolution queries. The goal of this project is to identify openly accessible NetBIOS services and report them back to the network owners for remediation.
As was recently reported by Trend Micro. Information on these vulnerable devices has been incorporated into our reports. And are being reported on a daily basis. We are querying all computers with routable IPv4 .
The Shadowserver Foundation is currently undertaking a project to search for publicly accessible devices that have NTP running and answering Mode 7 queries for MON GET LIST. The goal of this project is to identify openly accessible NTP services and report them back to the network owners for remediation. If you would like t.
Open Quote of the Day Service Scanning Project. These devices have the potential to be used in UDP amplification attacks and if at all possible, we would like to see these services made un-available to miscreants that would misuse these resources. Servers that are configured this way have been incorporated into our reports.
Open Redis Key-Value Store Scanning Project. The Shadowserver Foundation is currently undertaking a project to search for publicly accessible devices that have the Redis service running. The goal of this project is to identify openly accessible systems that have Redis running and report them back to the network owners for remediation.