[ntp:questions] better rate limiting against amplification attacks?

Rob nomail at example.com
Fri Dec 27 20:30:19 UTC 2013


detha <detha at foad.co.za> wrote:
> Better would be a per-IP-address request or rate limit.

No, better would be a global rate limit.
We already have a per-IP-address rate limit but it does not
help much in this case.

There should be a per-IP-address rate limit for the normal time protocol,
but the rate limit for queries should be for any query received.



More information about the questions mailing list