[ntp:questions] better rate limiting against amplification attacks?
stenn at ntp.org
Sat Dec 28 00:59:45 UTC 2013
Greg Troxel writes:
> Harlan Stenn <stenn at ntp.org> writes:
> > No default ntp.conf file has part of the stock distribution's
> > installation for as far back as I can remember.
> > If somebody starts ntpd without a conf file, ntpd will do nothing and if
> > somebody sends it any "tell me what you know" packets the response would
> > be quite minimal.
> Are you saying that a server (with the latest code) configured as
> server host1.example.com
> server host2.example.org
> server host3.example.net
> and nothing else in the ntp.conf will behave under current guidelines
> for best practices in terms of avoiding participating in DOS?
No, because that's not "without a conf file".
If you are going to create a config file that allows arbitrary hosts to
request query responses (which is, in general, a good thing) then that's
what you'll get.
I do want to discuss this and get a consensus for how to proceed.
I'm not sure how much we'll actually "win" by changing the default to:
restrict default ... noquery ...
because people will just as easily create a new ntp.conf line that adds
overrides to either particular hosts/nets (which is good) or they may
just as easily remove the "restruct default noquery" and we're back in
the same place.
More information about the questions