[email protected] said: > I understand that NTP amplification can deliver large DoS floods. A broad > ban on all udp/123 traffic seems just a bit too pragmatic, though.
But it's probably a good idea if you are an ISP with a lot of users running ntpd that haven't blocked the amplification yet. http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack _using http://networktimefoundation.org/ntp-winter-2013-network-drdos-attacks/ -- These are my opinions. I hate spam. _______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
