TWC (AS11351) blocking all NTP?

Jay Ashworth jra at
Tue Feb 4 05:52:48 UTC 2014

----- Original Message -----
> From: "Glen Turner" <gdt at>

> On 4 Feb 2014, at 9:28 am, Christopher Morrow
> <morrowc.lists at> wrote:
> > wait, so the whole of the thread is about stopping participants in
> > the attack, and you're suggesting that removing/changing end-system
> > switch/routing gear and doing something more complex than:
> >  deny udp any 123 any
> >  deny udp any 123 any 123
> >  permit ip any any
> Which just pushes NTP to some other port, making control harder. We’ve
> already pushed all ‘interesting' traffic to port 80 on TCP, which has
> made traffic control very expensive. Let’s not repeat that history.

"Those who do not understand the Internet are condemned to reinvent it.

-- after henry at utzoo, though he was talking about Unix, and I am generally
    looking at Tapatalk and talking about Usenet.

-- jra

Jay R. Ashworth                  Baylink                       jra at
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274

More information about the NANOG mailing list