Kradorex Xeron wrote:
> Without BCP38, it will only be a matter of time before another UDP-transported protocol is abused for amplification. DNS... NTP... what next?..
TCP-transported protocols. I already see regular attempts to reflect using TCP by sending SYN requests with spoofed source address, and source port of a well-known service (80, 119, 443 etc). There is only a small amplification and it is easily remedied using an extra access rule, but still it exists.

It is not a war against NTP specifically; those people are abusing whatever protocol they find to be abusable. That is why it has to be handled at the source, not the destination.

Rob

_______________________________________________
pool mailing list
http://lists.ntp.org/listinfo/pool
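An added example, not part of Rob's message: one way to spot the pattern he describes (bare SYNs arriving with a well-known service port as their source port) in tcpdump-style text, grouped by the claimed source address, which is the likely reflection target. The log lines, addresses and function names are constructed for illustration; the port set is the one named in the post.

```python
import re
from collections import Counter

# Source ports named in the post. A genuine client connects from an
# ephemeral port, so a bare SYN *from* one of these is suspect.
SERVICE_PORTS = {80, 119, 443}

# Matches the address/port/flags part of a tcpdump text line (IPv4 only).
LINE_RE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

# Constructed sample (documentation address ranges), not captured traffic.
SAMPLE = """\
12:00:01.000101 IP 198.51.100.7.80 > 203.0.113.10.443: Flags [S], seq 1, win 1024, length 0
12:00:01.000205 IP 198.51.100.7.80 > 203.0.113.10.443: Flags [S], seq 2, win 1024, length 0
12:00:01.000317 IP 198.51.100.7.443 > 203.0.113.10.80: Flags [S], seq 3, win 1024, length 0
12:00:02.114000 IP 192.0.2.44.51514 > 203.0.113.10.443: Flags [S], seq 9, win 64240, length 0
12:00:02.300000 IP 192.0.2.80.443 > 203.0.113.10.40112: Flags [S.], seq 5, ack 6, win 65535, length 0
12:00:03.000000 IP 198.51.100.9.119 > 203.0.113.10.80: Flags [S], seq 4, win 1024, length 0
not a packet line
"""


def is_suspect_syn(sport, flags):
    """True for a bare SYN ("S"; "S." is SYN+ACK) sent from a service port."""
    return flags == "S" and sport in SERVICE_PORTS


def suspected_victims(lines):
    """Count suspect SYNs per claimed source address."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if m and is_suspect_syn(int(m["sport"]), m["flags"]):
            hits[m["src"]] += 1
    return hits


if __name__ == "__main__":
    for addr, n in suspected_victims(SAMPLE.splitlines()).most_common():
        print(f"{addr}: {n} bare SYNs from a service port")
```

The SYN+ACK line in the sample is a legitimate reply to an outbound connection and is deliberately not counted; an access rule built on the same predicate has to make that distinction too.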
