[ntp:questions] Bounce attack via pool server

Steve Kostecke kostecke at ntp.org
Mon Dec 23 19:07:10 UTC 2013


On 2013-12-23, Jure Sah <dustwolfy at gmail.com> wrote:

> I am an administrator of a public NTP server joined to "pool.ntp.org".
> Our server has recently been an unwilling party to a NTP UDP based
> bounce attack and have received the report attached below.

[snip]

> I am using ntpd version 4.2.6p3. I have searched trough the
> www.pool.ntp.org website on the subject and could not find any general
> recommendation for a secure setup, however I might not have been
> looking in the right places.

If you must continue to use NTP <= 4.2.7  add 'noquery' to your
default restrictions.

The current NTP development release includes some anti spoofing
technology and does not require the use of 'noquery'.

BTW:

NTP Community Supported Documentation is located at
http://support.ntp.org/support

-- 
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/



More information about the questions mailing list