Revision as of 08:06, 17 October 2015 edit Widefox (talk \| contribs) Autopatrolled, Extended confirmed users, Page movers, IP block exemptions, New page reviewers, Pending changes reviewers, Rollbackers 110,643 edits Added {{refimprove}} tag to article (TW) ← Previous edit		Revision as of 16:57, 29 March 2016 edit undo Nunnayabuisness (talk \| contribs) 1 edit m Grammatical edit Tag: Visual edit Next edit →
Line 47: The service was used maliciously to crash MS DNS servers running Microsoft Windows NT 4.0 by piping the arbitrary characters straight into the DNS server listening port (telnet ntbox 19 \| telnet ntbox 53).<ref>{{cite web\|url=http://support.microsoft.com/kb/169461 \|title=Access Violation in Dns.exe Caused by Malicious Telnet Attack \|publisher=Support.microsoft.com \|date=2006-11-01 \|accessdate=2009-05-31}}</ref> However, the attack was presumably a symptom of improper buffer management on the part of Microsoft's DNS service and not directly related to the CHARGEN service.{{Citation needed\|date=August 2010}} UDP CHARGEN is commonly used in denial of service attacks. By using a fake source address the attacker can send bounce traffic off a UDP CHARGEN application to the victim. UDP CHARGEN sends 200 to 1,000 times more data than it receives, depending upon the implementation. This "traffic multiplication" is also attractive to an attacker~~. Also attractive is~~ ~~the~~because ~~obscuring~~it ofobscures the attacker's IP address from the victim. CHARGEN was widely implemented on network-connected printers. As printer firmware was rarely updated on older models before CHARGEN and other security concerns were known, there may still be many network-connected printers which implement the protocol. Where these are visible to the Internet, they are invariably misused as denial of service vectors. Potential attackers often scan networks looking for UDP port 19 CHARGEN sources.

Character Generator Protocol: Difference between revisions