Justin: This link is just what the doctor ordered.
http://www.team-cymru.org/ReadingRoom/Templates/secure-ntp-template.html

On Nov 5, 2013 7:54 AM, "Justin" <[email protected]> wrote:
> I have two machines that participate in the ntp pool project, and I
> received an abuse email today. Basically, my server was DDOS someone else,
> ntp reflection attack. Obviously that is not something I want to do. By
> default my ntp server allows any that connect to port 123. These ddos were
> sending the responses back to someone's port 80, which is causing me the
> headache. My first step will be to lock the ntp down to port 123 and ports
> above 1024 for people behind a nat. I was also going to place iptables
> rate limit. Is there anything else I should be doing? I have read about
> the restrict limited and discard statement in ntp.conf, but I'm not sure if
> that will help here. All my solutions have been outside ntp.conf, so I know
> I have to be overlooking something. I have never had problems with
> aggressive clients or ntp reflection dos before. I also really do not care
> about aggressive clients even now. The system particulars, Ubuntu
> 13.10/x86, which uses ntp 4.2.6.p5+dfsg-3ubuntu2. Any assistance is
> welcomed.
>
> Thanks again.
> Justin
> _______________________________________________
> pool mailing list
> [email protected]
> http://lists.ntp.org/listinfo/pool
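
For the ntp.conf side of the question, an added example (not part of the thread and not taken from the linked template): a Python check that flags `restrict default` lines lacking `noquery` (refuse ntpq/ntpdc queries) or `limited` (apply the `discard` rate limits). The function name, finding codes, sample configurations and the hostname in them are constructed for illustration.

```python
# Added example, not from the thread: audit ntp.conf "restrict default" lines.
NEEDED = ("noquery", "limited")  # noquery: refuse ntpq/ntpdc; limited: rate-limit

def audit_ntp_conf(text):
    """Return sorted (line_no, family, problem) findings; line_no 0 = no such line."""
    findings, covered = [], set()
    for num, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()     # drop trailing comments
        if len(tokens) < 2 or tokens[0] != "restrict":
            continue
        args = tokens[1:]
        family = args.pop(0) if args[0] in ("-4", "-6") else "any"
        if not args or args[0] != "default":
            continue                              # host- or subnet-specific entry
        # Assumption: a bare "restrict default" is treated as covering both families.
        covered.update(("-4", "-6") if family == "any" else (family,))
        flags = set(args[1:])
        if "ignore" in flags:
            continue                              # every packet is dropped anyway
        for flag in NEEDED:
            if flag not in flags:
                findings.append((num, family, "no-" + flag))
    for family in ("-4", "-6"):
        if family not in covered:                 # no default entry for this family
            findings.append((0, family, "no-default"))
    return sorted(findings)

# Constructed sample configurations (hostname is a placeholder).
WEAK = """\
driftfile /var/lib/ntp/ntp.drift
server ntp.example.net iburst
restrict -4 default kod notrap nomodify nopeer
restrict -6 default kod notrap nomodify nopeer noquery
restrict 127.0.0.1
"""
HARDENED = """\
restrict -4 default kod limited notrap nomodify nopeer noquery
restrict -6 default kod limited notrap nomodify nopeer noquery
restrict 127.0.0.1   # localhost keeps full access for local ntpq
restrict ::1
"""

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_ntp_conf(conf))
```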
