nanog mailing list archives

Re: Filter NTP traffic by packet size?


From: Frank Habicht <geier () geier ne tz>
Date: Thu, 27 Feb 2014 08:46:48 +0300

On 2/27/2014 8:09 AM, Randy Bush wrote:
> I only ran the scan once, but had ~130k devices respond.
>
> is there any modern utility in chargen?

I know of none, maybe I'm too young.
So we could conclude we don't need that service running.

But some folk use ports for services other than the intended -
like tcp:443 for VPN ;-)

So if we can get enough abusable end-systems fixed (hope so *),
and we get enough source address validation (bcp38) to reduce sources of
badness (hope so *),
then the network won't need to block that port and
someone can make inventive use of it ;-)

(*) and working on it.

Frank

PS:
- seems something going on already, had one outside complain about traffic
from our IP udp:19
- better start scanning proactively


