What's going on with NTP?
david at blue-labs.org
Wed Dec 25 18:37:36 UTC 2013
On 12/25/2013 11:35 AM, John Levine wrote:
> I have two FreeBSD servers where the NTP daemons are using double digit CPU
> percentages today rather than the usual 0.01%. Restarting them didn't help.
> The clock on my Android phone is five hours slow. (It's not the time zone,
> I checked that.)
> Is this just my special Christmas present, or are there screwed up NTP servers?
> John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
> Please consider the environment before reading this e-mail. http://jl.ly
you probably need to configure them correctly with:
restrict default ignore
and add additional restrict lines if you have need for other legitimate
servers to make contact with them. i suspect right now you're providing
an ntp amplification attack to the spoofed source address.
More information about the NANOG