nanog mailing list archives
Re: chargen is the new DDoS tool?
From: Jimmy Hess <mysidia () gmail com>
Date: Tue, 11 Jun 2013 18:09:39 -0500
On 6/11/13, Justin M. Streiner <streiner () cluebyfour org> wrote:
Other than providing another DDoS vector, I'm not aware of any legitimate reason to keep these services running and accessible. As always, YMMV.
They are useful for troubleshooting and diagnostic purposes. Just be sure to limit the maximum possible response rate and bandwidth for any source network, and be sure to truncate the length of the response to the length of the original query, so they cannot be used for amplification. If you can't do that, then shut them off :) The risk that they be used to DoS the server that runs those services remains.
jms
-- -JH
Current thread:
- Re: chargen is the new DDoS tool?, (continued)
- Re: chargen is the new DDoS tool? shawn wilson (Jun 12)
- Re: chargen is the new DDoS tool? Aaron Glenn (Jun 12)
- Re: chargen is the new DDoS tool? shawn wilson (Jun 12)
- Re: chargen is the new DDoS tool? Rich Kulawiec (Jun 12)
- Re: chargen is the new DDoS tool? Jimmy Hess (Jun 11)
- Re: chargen is the new DDoS tool? Ricky Beam (Jun 11)
- Re: chargen is the new DDoS tool? shawn wilson (Jun 12)
- Re: chargen is the new DDoS tool? John Kristoff (Jun 12)
- Re: chargen is the new DDoS tool? Justin M. Streiner (Jun 11)
- Re: chargen is the new DDoS tool? Jimmy Hess (Jun 11)
- RE: chargen is the new DDoS tool? David Edelman (Jun 11)
- Re: chargen is the new DDoS tool? Valdis . Kletnieks (Jun 11)
- Re: chargen is the new DDoS tool? Dobbins, Roland (Jun 11)
- Re: chargen is the new DDoS tool? Jimmy Hess (Jun 12)
- Re: chargen is the new DDoS tool? Nick B (Jun 12)