[163555] in North American Network Operators' Group
Re: chargen is the new DDoS tool?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Jun 11 16:12:15 2013
To: "David Edelman" <dedelman@iname.com>
In-Reply-To: Your message of "Tue, 11 Jun 2013 15:38:45 -0400."
<016d01ce66db$4b433610$e1c9a230$@iname.com>
From: Valdis.Kletnieks@vt.edu
Date: Tue, 11 Jun 2013 16:10:30 -0400
Cc: nanog@nanog.org, 'Bernhard Schmidt' <berni@birkenwald.de>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1370981430_1896P
Content-Type: text/plain; charset=us-ascii
On Tue, 11 Jun 2013 15:38:45 -0400, "David Edelman" said:
> I can just see someone spoofing a packet from victimA port 7/UDP to victimB
> port 19/UDP.
For a while, it was possible to spoof packets to create a TCP connection from a
machine's chargen port to its own discard port and walk away while it burned to
the ground. Fun times.
--==_Exmh_1370981430_1896P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBUbeENgdmEQWDXROgAQIaoxAAvFYL4el0bZVT3g1NQDLUQY1DKIszZY8V
uBPWTnomxAHmEE/FwQOzqixPJU81wN+Kdz9I6tOgyO1siroHYrhVEiyX7Fvw0swT
rUtGlEtDHfbJJXxLlAI8Nl5RWWfcnFDiLzgx5ZKpg0PY2exHWMbAPe7Rl2c0FoLY
FwEizPFo3yY7dLVgBKVA/J54skUOzJuEYSpymLLLb+az2JlaZwKQyl6KyaSaPLOa
lmxN8vbdaxsZzKb8neYp8nBO8Hj9vDlpfZvFAu9N8O8Q8f9PgzMuv8Yu/aDeehbu
HMrFEt1vDNO9ZcnqdBtzMsazyWMKuQzPShSU+Yb0A0bdHD6Rr2qPbO1eD0/KBhYR
TR8X/TiHTb7M/jX1gexVeu2DKIUp47akIvHhUxkRIzdvmD+06zEB+0yB9VifUHs+
WmQkwpVn1bZdP2TPHfDV1j1XtPE6rgH1FoG352iinTvLayn4oi7smny3XduRGHnL
nTVhOsTXJUVRpzMHi5t5KJtSKdy5RcziA64bfMLtJB4GzJpaQNvPPz6OTDsIFpbC
09I7y489liSCMItOopr0pmr0dbcI07fo+yvvxkQdEbqhDIb2iFmlCVXD6cW9BjND
jnBDas2Xe/+YkE4elImxkXq91e7vH0mTd7jtqmu4cXGskqiIxflQ7nwCfrravXGX
Ma2qmiPdTlc=
=9qj2
-----END PGP SIGNATURE-----
--==_Exmh_1370981430_1896P--
