[ntp:questions] better rate limiting against amplification attacks?
nomail at example.com
Fri Dec 27 20:30:19 UTC 2013
detha <detha at foad.co.za> wrote:
> Better would be a per-IP-address request or rate limit.
No, better would be a global rate limit.
We already have a per-IP-address rate limit but it does not
help much in this case.
There should be a per-IP-address rate limit for the normal time protocol,
but the rate limit for queries should be for any query received.
More information about the questions