Brian Utterback <brian.utterb...@oracle.com> wrote: > Not at all. I am asking the parameters of the attack. Is the current > software solution sufficient to stop such attacks? If so, then the > solution is for the servers to upgrade. Indeed, no solution we craft for > the current software development will help sites that do not upgrade.
When the problem of reflection attacks can be solved by an upgrade, that is a strong motive for people (and distributors!) to finally upgrade. But I am not aware of more finegrained rate limiting in the newest version. Is there any? > So, if the current software is subject to attack, is the attack always > via mrulist or does the peer command also cause a problem? If it is I don't know what methods exactly are used, I have not been a victim myself yet. But in principle any UDP protocol that replies with much larger packets than the request that triggers them is a potential victim, as has already been shown with DNS as well. _______________________________________________ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
