[AusNOG] UDP based HTTP attack?
Roland Dobbins
rdobbins at arbor.net
Sun Sep 20 12:26:14 EST 2015
On 20 Sep 2015, at 8:36, Matt Richards wrote:
> It's a PBX, so NTP is used to set the time on the phones - we'll just
> have to find a way around not having NTP exposed on it.
Drop anything UDP/123 to/from it which isn't UDP/123 - UDP/123 at 76
bytes (minus l2 headers). This will allow timesync to work, whilst
disallowing reflection/amplification initiation in most cases, and
certainly suppressing it outbound.
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the AusNOG
mailing list