[ntp:questions] better rate limiting against amplification attacks?

Charles Elliott elliott.ch at verizon.net
Sat Dec 28 14:38:54 UTC 2013


Yeah, but the Meinberg installer for Windows, and the accompanying
documentation including the "Cheat Sheet," sure makes setting up a default
configuration easier.

However, I grant that almost nothing beats reading the NTP documentation,
especially for novices.

Charles Elliott

-----Original Message-----
From: questions-bounces+elliott.ch=verizon.net at lists.ntp.org
[mailto:questions-bounces+elliott.ch=verizon.net at lists.ntp.org] On Behalf Of
Steve Kostecke
Sent: Friday, December 27, 2013 7:09 PM
To: questions at lists.ntp.org
Subject: Re: [ntp:questions] better rate limiting against amplification
attacks?

On 2013-12-27, detha <detha at foad.co.za> wrote:

> A first step would be to have a default configuration where any 
> functionality that can be used for reflection attacks with more than a 
> say
> 2:1 ratio needs to be explicitly enabled, with warnings about this in 
> the sample config file(s).

The NTP Reference Implementation has no default use case. So there is no
"baked-in" sensible default configuration. Some view this as a feature.

--
Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/

_______________________________________________
questions mailing list
questions at lists.ntp.org
http://lists.ntp.org/listinfo/questions



More information about the questions mailing list