Filter NTP traffic by packet size?

• Previous message (by thread): Filter NTP traffic by packet size?
• Next message (by thread): Filter NTP traffic by packet size?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2/27/2014 8:09 AM, Randy Bush wrote:
>> I only ran the scan once, but had ~130k devices respond.
> 
> is there any modern utility in chargen?

I know of none, maybe I'm too young.
So we could conclude we don't need that service running.

But some folk use ports for services other than the intended -
like tcp:443 for VPN ;-)

So if we can get enough abusable end-systems fixed (hope so *),
and we get enough source address validation (bcp38) to reduce sources of
badness (hope so *),
then the network won't need to block that port and
someone can make inventive use of it ;-)

(*) and working on it.

Frank

PS:
- seems something going on already, had one outside complain about traffic
from our IP udp:19
- better start scanning proactively

• Previous message (by thread): Filter NTP traffic by packet size?
• Next message (by thread): Filter NTP traffic by packet size?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]