| ▲ | direwolf20 20 hours ago | |
Attempted to compromise, or just port scanned? | ||
| ▲ | RupertSalt 9 hours ago | parent [-] | |
Good call-out! Yes, while the router labels it as "DOS Attack" it is probably a simple port-scan! However, anyone who knows the nature of CHARGEN would recognize that a singular successful connection could immediately blossom into a somewhat lackluster DDOS, as the chargen service risked consuming CPU and network resources unnecessarily. chargen has been also aggressively deprecated, far more than telnetd, since it was a non-essential service. I'd like to know how many servers are voluntarily running chargen on the public Internet today. A port-scan for chargen is more likely a comprehensive port-scan that is just attempting to identify and fingerprint anything that may have been established on that port. It would be less surprising to find, like, ssh or a web server occupying that space today. | ||