[Pool] DDOS using my ntp server

Klaus Hartnegg Klaus.Hartnegg at BlickZentrum.de
Sun Dec 29 23:09:38 UTC 2013

On 05.11.2013 04:54, Justin wrote:
 > received an abuse email today. Basically, my server was DDOS someone
 > else, ntp reflection attack.

Symantec has noticed ntp reflection attacks in the last few weeks:

They say that the attackers use the monlist command like in
ntpdc –n –c monlist

The protection is to add 'disable monitor' to /etc/ntp.conf.

My ntp server (ubuntu, probably 10.04) does not answer to monlist.


More information about the pool mailing list