[AusNOG] NTP reflection used for world's largest DDoS

Dobbins, Roland rdobbins at arbor.net
Wed Feb 12 18:05:07 EST 2014


On Feb 12, 2014, at 11:36 AM, David Jericho <davidj at diskpig.org> wrote:

> It seems to be a default in many devices that turning on an NTP client also turns on a NTP server. 

Running an ntpd isn't a big deal (even though attackers are often satisfied with 1:1 reflection, never mind amplification); the key is to ensure that the level-6 and -7 commands aren't allowed.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton



More information about the AusNOG mailing list