Open SSDP Report

This report identifies hosts that have the Simple Service Discovery Protocol (SSDP) running and accessible on the Internet.

These services have the potential to be used in amplification attacks by criminals that wish to perform denial of service attacks. Statistics for these hosts can be found here.

Fields

  • timestamp
    Time that the IP was probed in UTC+0
  • ip
    The IP address of the device in question
  • protocol
    Protocol that the DNS response came on (usually UDP)
  • port
    Port that the SSDP response came from
  • hostname
    Reverse DNS name of the device in question
  • tag
    Will always be SSDP
  • header
    The initial HTTPU (HTTP over UDP) header that was received
  • asn
    ASN of where the device in question resides
  • geo
    Country where the device in question resides
  • region
    State / Province / Administrative region where the device in question resides
  • city
    City in which the device in question resides
  • systime
    GMT timestamp when the response was created
  • cache_control
    Cache-control — how long to wait for more communication
  • location
    URL of where the XML service description is located
  • server
    Server information of a Host that supports UDAP
  • search_target
    Search Target (ST) value
  • unique_service_name
    USN field contains compilation of uuid:uuid_of_Host_device::ST_of_response

Sample

"timestamp","ip","protocol","port","hostname","tag","header","asn","geo","region","city","systime","cache_control","location","server","search_target","unique_service_name"
"2014-03-16 08:14:59","67.193.128.173","udp",1900,"d67-193-128-173.home3.cgocable.net","ssdp","HTTP/1.1 200 OK",7992,"CA","ONTARIO","KINGSTON",,"max-age=120","http://192.168.0.1:65535/rootDesc.xml","Linux/2.4.22-1.2115.nptl UPnP/1.0 miniupnpd/1.0","upnp:rootdevice","uuid:11111111-1111-1111-1111-111111111111::upnp:rootdevice"
"2014-03-16 08:14:59","24.35.243.77","udp",32853,"24-35-243-77.fidnet.com","ssdp","HTTP/1.1 200 OK",11976,"US","MISSOURI","NEVADA","Sun, 16 Mar 2014 03:16:46 GMT","max-age=100","http://192.168.0.1:49152/description.xml","Linux/2.6.18_pro500, UPnP/1.0, Portable SDK for UPnP devices/1.3.1","upnp:rootdevice","uuid:28802880-2880-1880-a880-cca462b12b30::upnp:rootdevice"
"2014-03-16 08:14:59","65.25.192.8","udp",1900,"cpe-65-25-192-8.new.res.rr.com","ssdp","HTTP/1.1 200 OK",10796,"US","WISCONSIN","GREEN BAY",,"max-age=120","http://192.168.0.1:65535/rootDesc.xml","Linux/2.4.22-1.2115.nptl UPnP/1.0 miniupnpd/1.0","upnp:rootdevice","uuid:2a7897a6-1dd2-11b2-adf2-811ddb58080b::upnp:rootdevice"
"2014-03-16 08:14:59","209.197.143.187","udp",1900,"209-197-143-187.cpe.distributel.net","ssdp","HTTP/1.1 200 OK",11814,"CA","ONTARIO","OTTAWA",,"max-age=1800","http://192.168.1.1:5431/dyndev/uuid:0000e0f8-c0a0-00e0-00a0-484800c808e0","Custom/1.0 UPnP/1.0 Proc/Ver","upnp:rootdevice","uuid:0000e0f8-c0a0-00e0-00a0-484800c808e0::upnp:rootdevice"
"2014-03-16 08:14:59","76.11.218.168","udp",1900,"host-76-11-218-168.newwavecomm.net","ssdp","HTTP/1.1 200 OK",18812,"US","MISSOURI","SIKESTON",,"max-age=120","http://192.168.0.1:65535/rootDesc.xml","Linux/2.4.22-1.2115.nptl UPnP/1.0 miniupnpd/1.0","upnp:rootdevice","uuid:11111111-1111-1111-1111-111111111111::upnp:rootdevice"
"2014-03-16 08:14:59","74.210.207.51","udp",1900,"74-210-207-51.hy.cgocable.ca","ssdp","HTTP/1.1 200 OK",11290,"CA","QUEBEC","MONTREAL",,"max-age=120","http://192.168.0.1:65535/rootDesc.xml","Linux/2.4.22-1.2115.nptl UPnP/1.0 miniupnpd/1.0","upnp:rootdevice","uuid:add0b6d4-1dd1-11b2-8d95-8814da55065c::upnp:rootdevice"
"2014-03-16 08:14:59","76.166.127.141","udp",32795,"mta-76-166-127-141.socal.rr.com","ssdp","HTTP/1.1 200 OK",20001,"US","CALIFORNIA","LOS ANGELES","Sun, 16 Mar 2014 08:16:41 GMT","max-age=100","http://192.168.0.1:49152/description.xml","Linux/2.6.18_pro500, UPnP/1.0, Portable SDK for UPnP devices/1.3.1","upnp:rootdevice","uuid:28802880-2880-1880-a880-001dd5f614c0::upnp:rootdevice"
"2014-03-16 08:15:00","1.62.9.118","udp",1900,,"ssdp","HTTP/1.1 200 OK",4837,"CN","HEILONGJIANG","HARBIN",,"max-age = 120","http://192.168.1.1:80/UPnP/IGD.xml","System/1.0 UPnP/1.0 IGD/1.0","upnp:rootdevice","uuid:IGD{8c80f73f-4ba0-45fa-835d-042505d052be}000000000000::upnp:rootdevice"
"2014-03-16 08:15:00","183.104.67.106","udp",1900,,"ssdp","HTTP/1.1 200 OK",4766,"KR","SEOUL-T'UKPYOLSI","SEOUL",,"max-age=120","http://192.168.0.1:40671/etc/linuxigd/gatedesc.xml","Net-OS 5.xx UPnP/1.0","upnp:rootdevice","uuid:fc4ec57e-b051-11db-88f8-0060085db3f6::upnp:rootdevice"

Our 73 Report Types