[ntp:security] DDoS amplification using monlist, bugs #2510 and #2180

Hal Murray hmurray at megapathdsl.net
Wed Nov 27 20:31:22 UTC 2013


Several days ago, there was a discussion on ntp-questions about using ntpd as 
a DDoS amplification service.

[ntp:questions] Public ntp-server and reflection-attacks
Thu Nov 21 16:42:39 UTC 2013  
http://lists.ntp.org/pipermail/questions/2013-November/036649.html


A day or two ago, I submitted bug  #2510.

Danny Mayer pointed out that that I didn't check the Security box.  Steve 
Kostecke checked it.

Steve pointed me to
  security at ntp.org, and
  http://support.ntp.org/security

He also found bug #2180 from over a year ago.



-- 
These are my opinions.  I hate spam.





More information about the security mailing list