On 1/13/2014 5:47 PM, Charles Swiger wrote:
> Hi--
>
> On Jan 13, 2014, at 1:42 PM, Scott Baker <[email protected]> wrote:
>> On 01/13/2014 01:24 PM, AlbyVA wrote:
>>> Spreading the knowledge in case you aren't on the NANOG mailing list.
>>> Although I'm sure everybody on the NTP list is well aware of the recent
>>> monlist DDoS issues.
>>
>> Is there a "best practices" explanation to stop these exploits?
>
> Yes, Network Ingress Filtering is a "best current practice".
> See http://tools.ietf.org/html/rfc2827
>
> ...but there isn't much individuals running NTP servers can do to implement it;
> the change needs to be handled upstream at ISP peering points.
>
> Regards,

Sure. That's the ideal fix to all these reflection attacks. In the
meantime, changing your ntp.conf restrict lines and adding 'noquery'
will prevent this particular exploit from working.
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
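
An added example, not part of the thread or any poster's message: a small audit of the ntp.conf restrict lines mentioned above, reporting those that carry neither 'noquery' nor 'ignore' and so still answer ntpq/ntpdc queries such as monlist. The function name, the loopback exception and both sample configurations are assumptions constructed for illustration.

```python
import ipaddress

# Flags that stop ntpd answering ntpq/ntpdc (mode 6/7) queries such as monlist.
BLOCKING_FLAGS = {"noquery", "ignore"}

# Constructed sample configurations (not taken from the thread).
SAMPLE_WEAK = """\
driftfile /var/lib/ntp/ntp.drift
restrict default kod nomodify notrap nopeer
restrict 192.0.2.0 mask 255.255.255.0 nomodify
restrict 127.0.0.1
"""
SAMPLE_FIXED = """\
driftfile /var/lib/ntp/ntp.drift
restrict default kod nomodify notrap nopeer noquery
restrict 192.0.2.0 mask 255.255.255.0 nomodify noquery
restrict 127.0.0.1
"""

def _is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # keyword ("default", "source") or hostname

def audit_restrict_lines(conf_text):
    """Return (line_number, message) for each restrict line that still answers queries."""
    findings, saw_default = [], False
    for lineno, raw in enumerate(conf_text.splitlines(), start=1):
        tokens = raw.split("#", 1)[0].split()
        if not tokens or tokens[0] != "restrict":
            continue
        args = [t for t in tokens[1:] if t not in ("-4", "-6")]
        if not args:
            continue
        target, flags = args[0], set(args[1:])
        saw_default = saw_default or target == "default"
        if _is_loopback(target):
            continue  # local ntpq access is commonly left open on purpose
        if not flags & BLOCKING_FLAGS:
            findings.append((lineno, f"restrict {target}: add 'noquery'"))
    if not saw_default:
        # ntpd's built-in default entry carries no flags, so queries are answered.
        findings.append((0, "no 'restrict default' line present"))
    return findings

if __name__ == "__main__":
    for name, conf in (("weak", SAMPLE_WEAK), ("fixed", SAMPLE_FIXED)):
        print(name, audit_restrict_lines(conf))
```

A line number of 0 in the result marks a file-level finding rather than a specific restrict line.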