Open CharGen Report

This report identifies hosts that have the CharGen service running and accessible on the Internet.

These services have the potential to be used in amplification attacks by criminals that wish to perform denial of service attacks.

The service is tested by sending a UDP packet containing a single carriage return to UDP port 19. Statistics for these hosts can be found here.

Fields

  • timestamp
    Time that the IP was probed in UTC+0
  • ip
    The IP address of the device in question
  • protocol
    Protocol that the DNS response came on (usually UDP)
  • port
    Port that the CharGen response came from
  • hostname
    Reverse DNS name of the device in question
  • tag
    Will always be chargen
  • size
    The size of the response that was received (in bytes)
  • asn
    ASN of where the device in question resides
  • geo
    Country where the device in question resides
  • region
    State / Province / Administrative region where the device in question resides
  • city
    City in which the device in question resides

Sample

timestamp","ip","protocol","port","hostname","tag","size","asn","geo","region","city"
"2014-03-16 04:15:19","88.149.23.230","udp",19,,"chargen",116,12969,"IS","HOFUOBORGARSVAOIO","REYKJAVIK"
"2014-03-16 04:15:19","112.197.240.1","udp",19,,"chargen",116,45543,"VN","HO CHI MINH","THANH PHO HO CHI MINH"
"2014-03-16 04:15:19","85.36.146.26","udp",19,"host26-146-static.36-85-b.business.telecomitalia.it","chargen",116,3269,"IT","LAZIO","ROMA"
"2014-03-16 04:15:19","184.69.168.237","udp",19,,"chargen",116,6327,"CA","BRITISH COLUMBIA","VICTORIA"
"2014-03-16 04:15:19","128.171.32.12","udp",19,"dhcp-128-171-32-12.bilger.hawaii.edu","chargen",116,6360,"US","HAWAII","HONOLULU"

Our 76 Report Types

« Back to Network Reporting