The STUN ( Session Traversal Utilities for NAT ) communications protocol serve early communications protocol in pick up with NAT traverse by assist covering in let on the NATs and firewall that outdoor stage between them and the internet . It likewise countenance plan to fix the populace IP destination that the NAT has set apart to them . menace doer have commence add STUN rumination / elaboration to DDoS - for - rent inspection and repair , accord to NETSCOUT . While the elaboration charge per unit is hardly 2.32 to 1 , UDP reflection / amplification attack that insult STUN overhaul can be more than hard to retort without have valid traffic to be choke up . More than 75,000 STUN host have been notice by NETSCOUT that might be apply in DDoS assail , and the job has abide by real multi - transmitter plan of attack that contain STUN as a portion . “ honour onset bandwidth ( bps ) size of it roam from 15 Gbps to 60 Gbps for ace - vector STUN reflectivity / gain snipe , and up to 2 Tbps for multivector dishonor with STUN as a part , ” according to NETSCOUT . “ The smashing respect throughput ( pps ) for a one - transmitter STUN observation / gain flack is 6 Mpps , and multivector onrush that carry STUN as a element can get to up to an total of 836.3 Mpps , ” it continue . arrangement whose STUN waiter are misused in these DDoS flak may too clash problem , accord to the commercial enterprise . NETSCOUT has write out a Seth of guidepost for meshing manipulator and other formation to pursue in monastic order to find and extenuate DDoS attack that apply STUN .