Years ago 1and1 terminated my account for this very reason. Could never get to a person that understood the nature of UDP.
Sent from my iPhone On Aug 10, 2012, at 2:50 PM, "Mouse" <[email protected]> wrote: >>>> [...] we had two rather irate people call our emergency support >>>> line, demanding that we fix the system that was attacking their >>>> network. On port 123/udp. [...] >>> [...] >> Your NTP server could be responding to requests with forged source IP >> addresses, so in a sense, your server really is "attacking" a >> third-party. > > I never put the two together now, but this could be why I've never had > any such complaints. I have a watcher snooping my port-123 traffic and > any IP that sends too fast gets router-blocked at my border. I did > this out of self-defense against clients that don't understand why it's > a bad thing to query multiple times a second or the like. But it does > mean that I'm not much use as an attack bandwidth amplifier. (Yes, I > have similar guards on port 53 too....) > > /~\ The ASCII Mouse > \ / Ribbon Campaign > X Against HTML [email protected] > / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B > _______________________________________________ > pool mailing list > [email protected] > http://lists.ntp.org/listinfo/pool _______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
