[ntp:security] DDoS amplification using monlist, bugs #2510 and #2180

Hal Murray hmurray at megapathdsl.net
Wed Nov 27 20:31:22 UTC 2013

Several days ago, there was a discussion on ntp-questions about using ntpd as 
a DDoS amplification service.

[ntp:questions] Public ntp-server and reflection-attacks
Thu Nov 21 16:42:39 UTC 2013  

A day or two ago, I submitted bug  #2510.

Danny Mayer pointed out that that I didn't check the Security box.  Steve 
Kostecke checked it.

Steve pointed me to
  security at ntp.org, and

He also found bug #2180 from over a year ago.

These are my opinions.  I hate spam.

More information about the security mailing list