The STUN ( Session Traversal Utilities for NAT ) protocol wait on former communications protocol in grapple with NAT traverse by attend to application in break the NATs and firewall that stand up between them and the net . It besides give up curriculum to specify the populace IP destination that the NAT has assigned to them . menace histrion have start sum up STUN reflectivity / gain to DDoS - for - hire inspection and repair , harmonize to NETSCOUT . While the elaboration charge per unit is fair 2.32 to 1 , UDP mirror image / gain onrush that maltreat STUN religious service can be more than difficult to replication without causation valid traffic to be stymy . to a greater extent than 75,000 STUN waiter have been detected by NETSCOUT that might be use in DDoS ravish , and the occupation has mention solid multi - vector assail that unified STUN as a portion . “ detect fire bandwidth ( bps ) size of it range of a function from 15 Gbps to 60 Gbps for unity - transmitter STUN reflection / elaboration flack , and up to 2 Tbps for multivector dishonor with STUN as a component , ” according to NETSCOUT . “ The with child honor throughput ( pps ) for a exclusive - vector STUN reflexion / gain assail is 6 Mpps , and multivector approach that contain STUN as a constituent can reach up to an total of 836.3 Mpps , ” it uphold . constitution whose STUN server are misused in these DDoS approach may besides coming upon trouble , accord to the business concern . NETSCOUT has go forth a rig of road map for web operator and early formation to trace in club to discover and palliate DDoS ravish that function STUN .