Filter NTP traffic by packet size?

Valdis.Kletnieks at Valdis.Kletnieks at
Wed Feb 26 22:33:45 UTC 2014

On Wed, 26 Feb 2014 11:44:55 -0600, Brandon Galbraith said:

> Blocking chargen at the edge doesn't seem to be outside of the realm of
> possibilities.

What systems are (a) still have chargen enabled and (b) common enough to make
it a viable DDoS vector?  Just wondering if I need to go around and find
users of mine that need to be smacked around with a large trout....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list