Before we get into this here is the standard disclaimer. Do not scan any devices that you do not have explicit permission to scan. If you do not own the devices I strongly recommend you get that permission in writing. Also, port scanning may cause instability or failure of some devices and/or applications. Just ask anyone who lost ILOs to heartbleed. So be careful!
As we have seen in past diaries about reflective DDOS attacks they are certainly the flavor of the day. US-CERT claims there are several UDP based protocols that are potential attack vectors. In my experience the most prevalent ones are DNS, NTP, SNMP, and CharGEN. Assuming you have permission; Is there an easy way to do good data gathering for these ports on your network? Yes, as a matter of a fact it can be done in one simple nmap command.
more here...............https://isc.sans.edu/diary/Using+nmap+to+scan+for+DDOS+reflectors/18193
As we have seen in past diaries about reflective DDOS attacks they are certainly the flavor of the day. US-CERT claims there are several UDP based protocols that are potential attack vectors. In my experience the most prevalent ones are DNS, NTP, SNMP, and CharGEN. Assuming you have permission; Is there an easy way to do good data gathering for these ports on your network? Yes, as a matter of a fact it can be done in one simple nmap command.
more here...............https://isc.sans.edu/diary/Using+nmap+to+scan+for+DDOS+reflectors/18193