[Pool] Forward of moderated message
Mouse
mouse at Rodents-Montreal.ORG
Fri Aug 10 18:52:28 UTC 2012
>>> [...] we had two rather irate people call our emergency support
>>> line, demanding that we fix the system that was attacking their
>>> network. On port 123/udp. [...]
>> [...]
> Your NTP server could be responding to requests with forged source IP
> addresses, so in a sense, your server really is "attacking" a
> third-party.
I never put the two together now, but this could be why I've never had
any such complaints. I have a watcher snooping my port-123 traffic and
any IP that sends too fast gets router-blocked at my border. I did
this out of self-defense against clients that don't understand why it's
a bad thing to query multiple times a second or the like. But it does
mean that I'm not much use as an attack bandwidth amplifier. (Yes, I
have similar guards on port 53 too....)
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse at rodents-montreal.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
More information about the pool
mailing list