What's going on with NTP?

• Previous message (by thread): What's going on with NTP?
• Next message (by thread): What's going on with NTP?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/25/2013 11:35 AM, John Levine wrote:
> I have two FreeBSD servers where the NTP daemons are using double digit CPU
> percentages today rather than the usual 0.01%.  Restarting them didn't help.
>
> The clock on my Android phone is five hours slow.  (It's not the time zone,
> I checked that.)
>
> Is this just my special Christmas present, or are there screwed up NTP servers?
>
> Regards,
> John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
> Please consider the environment before reading this e-mail. http://jl.ly
>

you probably need to configure them correctly with:

restrict default ignore

and add additional restrict lines if you have need for other legitimate
servers to make contact with them. i suspect right now you're providing
an ntp amplification attack to the spoofed source address.

-david

• Previous message (by thread): What's going on with NTP?
• Next message (by thread): What's going on with NTP?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]