If anyone is running a pool server, and has not disabled querying in
some way (noquery, disable monitor, NTPD upgrade, etc.), please do so
ASAP. We were hit with multiple 40+ Gbps attacks over the weekend, all
using NTP reflection. This has become a critical issue, and running
your server with query enabled is actively harming other machines on the
internet.

NTP pool machines could be some of the worst offenders, as your monlist
output is going to be very large (as compared to a machine that's just a
client).

Please, take a few minutes and verify that you are not vulnerable to this.

Can we get this information added to the pool configuration
recommendations? http://www.pool.ntp.org/join/configuration.html

On 12/29/2013 8:08 PM, Ask Bjørn Hansen wrote:
> Adding "noquery" to the default restrict line should work, too.
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
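
One way to carry out the check the message asks for, as an added example that is not part of the original post or the pool project's tooling: a small Python auditor that reads ntp.conf text and reports whether the default restrict lines carry noquery (or ignore) or monitoring is disabled. The function name, result keys and sample configurations are constructed for illustration, and it assumes a bare "restrict default" covers both IPv4 and IPv6.

```python
# Added example, not from the original post: audit ntp.conf text for the two
# configuration mitigations the message names (noquery, disable monitor).

def audit_ntp_conf(text):
    """Report which address families still answer queries by default."""
    closed = {"ipv4": False, "ipv6": False}  # no default line seen = queries allowed
    monitor_disabled = False
    for raw in text.splitlines():
        tok = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if len(tok) < 2:
            continue
        if tok[0] in ("disable", "enable") and "monitor" in tok[1:]:
            monitor_disabled = tok[0] == "disable"
            continue
        if tok[0] != "restrict":
            continue
        args, fams = tok[1:], ["ipv4", "ipv6"]
        if args[0] in ("-4", "-6"):          # explicit address-family qualifier
            fams = ["ipv4"] if args[0] == "-4" else ["ipv6"]
            args = args[1:]
        if args[:1] == ["default"]:
            # Assumption: a bare "restrict default" covers both families.
            flags = args[1:]
        elif args[:3] == ["0.0.0.0", "mask", "0.0.0.0"]:
            fams, flags = ["ipv4"], args[3:]
        elif args[:3] == ["::", "mask", "::"]:
            fams, flags = ["ipv6"], args[3:]
        else:
            continue                         # host or subnet rule, not the default
        for fam in fams:                     # a later default line overrides an earlier one
            closed[fam] = "noquery" in flags or "ignore" in flags
    open_fams = sorted(f for f, ok in closed.items() if not ok)
    # Either mitigation counts here, following the list in the message.
    return {"query_open": open_fams, "monitor_disabled": monitor_disabled,
            "mitigated": monitor_disabled or not open_fams}

# Constructed sample configurations (not taken from any real server).
WEAK = """
driftfile /var/lib/ntp/ntp.drift
restrict default kod nomodify notrap nopeer   # noquery missing
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
"""
FIXED = WEAK.replace("nopeer   # noquery missing", "nopeer noquery")

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("fixed", FIXED)):
        print(name, audit_ntp_conf(conf))
```

A server reported with a non-empty query_open list and monitor_disabled false is the case the message is warning about.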