Building N51 network maintenance (3/12 6-8 AM)
IS&T will be replacing older equipment in Building N51 on March 12th in the morning between the hours of 6am and 8am. There will be a brief outage for some users during this period while the equipment gets replaced.
Building 13 network maintenance (3/10-3/14)
IS&T will be replacing older equipment in Building 13 next week (March 10th through March 14th) in the morning between the hours of 6am and 8am. There will be a brief outage for some users during this period while the equipment gets replaced.
NTP, SNMP, and CHARGEN rate-limiting:
Over the past year, several UDP-based protocols - including NTP (123/udp), SNMP (161/udp), and CHARGEN (19/udp) - have been used to perform distributed denial of service (DDoS) attacks. These attacks exploit the underlying behavior of UDP and assymetric behavior in the NTP, SNMP, and CHARGEN protocols - in short, an attacker spoofs a small query from his/her target and the vulnerable service responds with a far larger response, amplifying the query volume by up to 200-fold. While these protocols are extremely useful in network management, this behavior allows attackers to leverage MIT resources to attack third-parties. In extreme cases, as was experienced early this morning, the volume can be large enough to disrupt MITnet connectivity.
As a result of this morning's outage, a rate-limiting policy has been installed on the MIT border routers to limit NTP (123/udp), SNMP (161/udp), and CHARGEN (19/udp) traffic from external addresses.
The PDF linked below provides more detail on UDP amplification/reflection attacks: