Support - yes. Turn on without a bit of hassle - no. I'm not sure how they found that many active services. Honestly, at that small percentage I suspect misclassification instead.

They're not an April fool's joke. A 90's linux might have these services enabled by default. I assume they were built to make network debugging slightly less boring

Huh, this sounds kind of cool, I like the idea of there being a few QOTD servers dotted around the internet. Shame that the first I'm heading about it is it being abused to launch a DDOS.

I ran a qotd server for a while, only retired two months ago actually. It wasn't very popular.

Is it part of Microsoft Services for Unix? That seemed to be the primary source of chargen reflectors when I was getting hit by that; and it feels like a similar thing.

QOTD can also be used with TCP, which avoids a problem that it has if it is being used with UDP.

A lot of security is just making stuff up to sound smart, since the clients aren't very technical. Someone saw packets on port 17 and looked up port 17 and decided that meant the QOTD service was involved in the attack. Probably.