[ntp:questions] NTP Denial of Service attack 29 November 2011

Marco Marongiu brontolinux at gmail.com
Tue Nov 29 21:11:08 UTC 2011

Is this message authoritative? Blocking three /8s seems like using a
sledgehammer to open a nugget to me...

Il 29/11/2011 21:44, Rich ha scritto:
> USNO is seeing an apparent coordinated denial of service attack on NTP
> originating with the following IPs:
>;;;   I
> recommend that you block,, and
> There will likely be more to follow. These appear to originate on
> APNIC (Asian Pacific).
> Currently we are seeing many tens of thousands of packets per second
> coming in.
> R.Schmidt
> Time Service Department
> US Naval Observatory
> 29 November 2011

                             Marco Marongiu
     System Administrator - Technical Author - Perl Programmer

More information about the questions mailing list