[ntp:questions] NTP Denial of Service attack 29 November 2011

Rob nomail at example.com
Tue Nov 29 21:07:15 UTC 2011

Rich <schmidt.rich at gmail.com> wrote:
> USNO is seeing an apparent coordinated denial of service attack on NTP
> originating with the following IPs:
>;;;   I
> recommend that you block,, and
> There will likely be more to follow. These appear to originate on
> APNIC (Asian Pacific).

Isn't that a bit wide a range to block for only 4 IPs?
What makes you think any further attacks will come from the same range?

When in doubt, block

More information about the questions mailing list