nanog mailing list archives
Re: Filter NTP traffic by packet size?
From: Harry Hoffman <hhoffman () ip-solutions net>
Date: Wed, 26 Feb 2014 21:01:29 -0500
Most of what I've seen are reset configs on network gear, standalone devices (printers), and the occasional win 98 box with network addons. We put blocks in place for ntp, SNMP for a short time to get things under control. Chargen was so small it was easier to just alert folks directly. HTH. Cheers, Harry On Feb 26, 2014 5:33 PM, Valdis.Kletnieks () vt edu wrote:
On Wed, 26 Feb 2014 11:44:55 -0600, Brandon Galbraith said:Blocking chargen at the edge doesn't seem to be outside of the realm of possibilities.What systems are (a) still have chargen enabled and (b) common enough to make it a viable DDoS vector? Just wondering if I need to go around and find users of mine that need to be smacked around with a large trout....
Current thread:
- Re: Filter NTP traffic by packet size?, (continued)
- Re: Filter NTP traffic by packet size? Laszlo Hanyecz (Feb 20)
- Re: Filter NTP traffic by packet size? James R Cutler (Feb 20)
- Re: Filter NTP traffic by packet size? Phil Bedard (Feb 20)
- Re: Filter NTP traffic by packet size? Dobbins, Roland (Feb 20)
- Re: Filter NTP traffic by packet size? Dobbins, Roland (Feb 20)
- Re: Filter NTP traffic by packet size? Dobbins, Roland (Feb 20)
- Re: Filter NTP traffic by packet size? Harlan Stenn (Feb 21)
- Re: Filter NTP traffic by packet size? Dobbins, Roland (Feb 20)
- RE: Filter NTP traffic by packet size? Phil Bedard (Feb 23)
- Re: Filter NTP traffic by packet size? Brandon Butterworth (Feb 23)
- Re: Filter NTP traffic by packet size? Harry Hoffman (Feb 26)
- Re: Filter NTP traffic by packet size? Laszlo Hanyecz (Feb 20)