[ntp:questions] better rate limiting against amplification attacks?
E-Mail Sent to this address will be added to the BlackLists
Null at BlackList.Anitech-Systems.invalid
Fri Jan 17 06:52:44 UTC 2014
Greg Troxel wrote:
> Really, ntpd should, when run with a config file of only
>
> server 0.pool.ntp.org
> server 1.pool.ntp.org
> server 2.pool.ntp.org
# IMHO, More like:
restrict -4 default limited kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 default limited kod nomodify notrap nopeer noquery
restrict ::1
restrict 224.0.1.1 mask 255.255.255.255 nomodify
restrict source nomodify
pool pool.ntp.org iburst preempt
--
E-Mail Sent to this address <BlackList at Anitech-Systems.com>
will be added to the BlackLists.
More information about the questions
mailing list