Filter NTP traffic by packet size?

Niels Bakker niels=nanog at bakker.net
Fri Feb 28 16:47:20 UTC 2014


>>>is there any modern utility in chargen?
>>Who knows, when CGNs become commonplace we'll start to run out of 
>>ephemeral ports and we'll have to start using ports < 1024 too. 
>>Would be a shame if their use were impeded by old ACLs lying 
>>around.

* randy at psg.com (Randy Bush) [Fri 28 Feb 2014, 17:23 CET]:
>woah!  i did not suggest acls.  i was assuming that one just 
>disables the 'service'.

Oh, I'm sorry!  I honestly thought this thread was about filtering 
as a way of mitigating abuse.

Yes, of course one should not run the service, especially not UDP.


	-- Niels.




More information about the NANOG mailing list