Researchers at Edinburgh Napier University have discovered that the TFTP protocol (Trivial File Transfer Protocol) might be abused in a similar way.
Unlike DNS and NTP, TFTP has no business being exposed on internet-facing systems. Yet port scanning research indicated that there about 599,600 publicly open TFTP servers.
That’s bad in itself but the situation gets worse: the researchers discovered that TFTP offers a higher amplification factor than other internet protocols.
The paper is self archived at: