On 02/21/2014 07:08 AM, Brian Rak wrote:
> So far, I've seen this exact situation play out multiple times.
> Someone says 'What iptables rules do I need?' or 'I came up with these
> iptables rules', and it turns out they still have monlist enabled.
> These problems tend to go away when you disable monlist (unless you're
> actually the target of an attack)

What I saw was a server that WAS serving monlist packets. I corrected the config to fix this, and was still seeing 2000+ packets a second incoming. The IPTables rule stops that, and other abusive (too chatty) clients. Never hurts to have two lines of defense.

--
Scott Baker - Canby Telcom
System Administrator - RHCE - 503.266.8253
