Wikipedia

Character Generator Protocol: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m Replaces obsolete tag.
Citation bot (talk | contribs)
Bots
5,866,394 edits
Alter: title. | Use this bot. Report bugs. | Suggested by Anas1712 | Category:Filler text | #UCB_Category 2/8
Line 128:
 
==Abuse==
The service was used maliciously to crash [[Microsoft]] [[Name server|___domain name servers]] (DNS) running [[Windows NT 4.0]] by piping the arbitrary characters straight into the DNS server listening port (telnet ntbox 19 | telnet ntbox 53).<ref>{{cite web|url=http://support.microsoft.com/kb/169461|title=Access Violation in Dns.exe Caused by Malicious Telnet Attack|date=2006-11-01|publisher=Support.microsoft.com|url-status=live|accessdate=2009-05-31}}</ref><ref>{{Cite news|url=http://www.itprotoday.com/security/ms-dns-server-subject-denial-service-attack|title=MS DNS Server subject to Denial of Service Attack|date=1997-05-27|work=IT Pro|access-date=2018-02-05}}</ref> However, the attack may have been a symptom of improper buffer management on the part of Microsoft's DNS service and not directly related to the CHARGEN service.{{Citation needed|date=August 2010}}
 
UDP CHARGEN is commonly used in denial-of-service attacks. By using a fake source address the attacker can send bounce traffic off a UDP CHARGEN application to the victim. UDP CHARGEN sends 200 to 1,000 times more data than it receives, depending upon the implementation. This "traffic multiplication" is also attractive to an attacker because it obscures the attacker's IP address from the victim.
Retrieved from "https://en.wikipedia.org/wiki/Character_Generator_Protocol"