ddos attack blog
Mark Tinka
mark.tinka at seacom.mu
Fri Feb 14 08:10:37 UTC 2014
On Friday, February 14, 2014 03:01:27 AM Jared Mauch wrote:
> I would actually like to ask for those folks to un-block
> NTP so there is proper data on the number of hosts for
> those researching this. The right thing to do is
> reconfigure them. I've seen a good trend line in NTP
> servers being fixed, and hope we will see more of that
> in the next few weeks.

Depending on your OS, the fixes can be quite simple or
interesting.

On my FreeBSD servers, simply updating with "freebsd-update"
was enough to fix the issue (in addition to limiting
who/what can access the service).

On Cisco devices, the ACLs you can attach to the NTP
process are quite effective.

On Juniper devices, it is less intuitive, and even though
NTP is enabled only as a client, it, sadly, runs the server
as well. A firewall filter helps here when applied
correctly.

Can't speak to other OSes.

Mark.