[169509] in North American Network Operators' Group
Re: Filter NTP traffic by packet size?
daemon@ATHENA.MIT.EDU (Niels Bakker)
Fri Feb 28 11:47:47 2014
Date: Fri, 28 Feb 2014 17:47:20 +0100
From: Niels Bakker <niels=nanog@bakker.net>
To: nanog@nanog.org
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <m2zjlb9ppv.wl%randy@psg.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>>>is there any modern utility in chargen?
>>Who knows, when CGNs become commonplace we'll start to run out of
>>ephemeral ports and we'll have to start using ports < 1024 too.
>>Would be a shame if their use were impeded by old ACLs lying
>>around.
* randy@psg.com (Randy Bush) [Fri 28 Feb 2014, 17:23 CET]:
>woah! i did not suggest acls. i was assuming that one just
>disables the 'service'.
Oh, I'm sorry! I honestly thought this thread was about filtering
as a way of mitigating abuse.
Yes, of course one should not run the service, especially not UDP.
-- Niels.
