nanog mailing list archives
Re: Filter NTP traffic by packet size?
From: Jimmy Hess <mysidia () gmail com>
Date: Thu, 27 Feb 2014 00:06:44 -0600
On Wed, Feb 26, 2014 at 11:09 PM, Randy Bush <randy () psg com> wrote:
I only ran the scan once, but had ~130k devices respond.is there any modern utility in chargen?
Does ne'er-do-wells hitting IRC users with "DCC CHAT" requests targeted to trick the victim into connecting to port 19/tcp count as a modern use? I remember, that was a dirty trick in the late '90s, that would today be called a DoS, since the result was to crash desktop chat software ----- nonetheless, it's the only thing I heard of anyone using chargen for until recently. Well, if you enable chargen on a large number of hostst and directed broadcasts: an artificially created chargen storm could be one way to stres-test a WAN link, or to help validate QoS prioritization. Chargen's supposed to be a useful measurement and debugging tool, for developing a TCP/IP stack. I think it has little use nowadays, and there are some more sophisticated tools around today. I would say chargen may have some utility, but it should not be a service turned on, provided, or offered outside the secure confines of a testing lab. In other words: chargen for testeing in a lab, sure. Chargen on production devices, when connected to the public internet: bad idea -- -JH
Current thread:
- Re: Managing ACL exceptions (was Re: Filter NTP traffic by packet size?), (continued)
- Re: Managing ACL exceptions (was Re: Filter NTP traffic by packet size?) Keegan Holley (Feb 27)
- Re: Managing ACL exceptions (was Re: Filter NTP traffic by packet size?) Ray Soucy (Feb 28)
- Re: Managing ACL exceptions (was Re: Filter NTP traffic by packet size?) Jay Ashworth (Feb 28)
- Re: Managing ACL exceptions (was Re: Filter NTP traffic by packet size?) Ray Soucy (Feb 28)
- Re: Managing ACL exceptions (was Re: Filter NTP traffic by packet size?) Jay Ashworth (Feb 28)
- Re: Managing ACL exceptions (was Re: Filter NTP traffic by packet size?) Christopher Morrow (Feb 28)
- Re: Filter NTP traffic by packet size? Valdis . Kletnieks (Feb 26)
- Re: Filter NTP traffic by packet size? Jared Mauch (Feb 26)
- Re: Filter NTP traffic by packet size? Randy Bush (Feb 26)
- Re: Filter NTP traffic by packet size? Frank Habicht (Feb 26)
- Re: Filter NTP traffic by packet size? Jimmy Hess (Feb 26)
- Re: Filter NTP traffic by packet size? Niels Bakker (Feb 28)
- Re: Filter NTP traffic by packet size? Randy Bush (Feb 28)
- Re: Filter NTP traffic by packet size? Niels Bakker (Feb 28)
- Re: Filter NTP traffic by packet size? Robert Drake (Feb 26)
- Re: Filter NTP traffic by packet size? Keegan Holley (Feb 27)
- Re: Filter NTP traffic by packet size? Jimmy Hess (Feb 26)
- Re: Filter NTP traffic by packet size? Robert Drake (Feb 26)
- Re: Filter NTP traffic by packet size? Cb B (Feb 25)
- Re: Filter on IXP Jérôme Nicolle (Feb 28)
- Re: Filter on IXP Jay Ashworth (Feb 28)