Tag Archives: SOC

Awesome DDoS Lookup tool

In my day to day Job, I have been responsible for mitigating DDoS attacks and making sure that they are detected in a timely manner.

The company I work for has an awesome platform to mitigate DDoS attacks which have an alert system and analytics but I came across a public tool that you can enter an IP or domain into and check if there has been a DDoS against that target.

Check out https://ddosmon.net/

ddosmon front page

 

DDoS Mon gets data from telecoms and other sources around the world to compile a list of DDoS attacks. I have personally used this tool and compared it to known real attacks and let me tell you this tool is very accurate. It’s great to be able to quickly search for attacks also it’s easy to use the URL to search for an attack

For example, you can use https://ddosmon.net/explore/4.2.2.2 to search for attacks against 4.2.2.2(level 3 DNS servers)

There is also an API that requests some JSON data so you can parse the data and you need to create an account to get API access.

When searching for attacks against this IP we see the below result

ddos mon attack view

 

 

The latest attack was a UDP style attack against this IP

The site also provides valuable insights into DDoS traffic on a global scale check out https://ddosmon.net/insight/

Here is a snippet of some interesting data there is much more on the site

                                                                             ddos insights

 

In conclusion this tool is very useful and can be incorporated as another tool in a SOC environment or for any business who suspects they may have experienced attacks but don’t have the resources to check.

This tool is also great for research purposes.

I would like to know what you think about this tool !  send me a email with you thoughts or leave a comment !

Have a good day !

Sean