Anthony Papillion anthony at cajuntechie.org
Sun Feb 9 21:00:15 UTC 2014

On 02/09/2014 09:07 AM, Mouse wrote:
>> To test my server, I went to another computer outside of the network
>> and did a 'host time.cajuntechie.org' in ntpdc.  I then issued a few
>> commands like monlist, peers, etc and I got a timeout every single
>> time.  Does this mean my server is safe from the amplification attack
>> or do I need to do more?
> By my understanding, you should be OK.  Current amplification attacks
> as I understand them depend on monlist queries, which amplify by a
> factor of from 3 or 4 to somewhere up in the 450 range, depending on
> how busy the machine in question is.  But I haven't made any particular
> study of such things, so I could be rather off base.

Many thanks! From the research I've done, it certainly seems like what
you're saying is the case. Just to be sure though, I've also gone ahead
and rate limited the service. While that won't protect me from an
attack, I'm hoping that, if I am vulnerable in any way, it will at least
help mitigate it.
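
An added example, not part of the original message: a small audit of `ntp.conf` for the two mitigations discussed in this thread, refusing remote `ntpdc`/`ntpq` queries (`noquery`) and rate limiting inside ntpd (`limited`). It assumes a stock ntpd configuration file, reads an unprefixed `restrict default` as covering IPv4 only (the conservative reading), and cannot see rate limits applied at a firewall; both sample configs are constructed.

```python
# Added example: audit ntp.conf default restrictions. Sample configs are constructed.
HARDENED_CONF = """\
driftfile /var/lib/ntp/ntp.drift
server 0.pool.ntp.org iburst
restrict default kod limited nomodify notrap nopeer noquery
restrict -6 default kod limited nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
"""
OPEN_CONF = """\
driftfile /var/lib/ntp/ntp.drift
server 0.pool.ntp.org iburst
restrict 127.0.0.1   # only localhost listed, no default rule
"""

def default_restrict_flags(conf_text):
    """Map 'ipv4'/'ipv6' to the flag set on its 'restrict default' line, or None."""
    found = {"ipv4": None, "ipv6": None}
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop trailing comments
        if len(tokens) < 2 or tokens[0] != "restrict":
            continue
        family, rest = "ipv4", tokens[1:]
        if rest[0] in ("-4", "-6"):
            family, rest = ("ipv6" if rest[0] == "-6" else "ipv4"), rest[1:]
        if rest and rest[0] == "default":
            found[family] = set(rest[1:])
    return found

def audit(conf_text):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    for family, flags in default_restrict_flags(conf_text).items():
        if flags is None:
            findings.append(f"{family}: no 'restrict default' line, remote queries are not restricted")
        elif "ignore" in flags:
            continue  # all packets from hosts without their own rule are dropped
        else:
            if "noquery" not in flags:
                findings.append(f"{family}: 'noquery' missing, ntpq/ntpdc queries such as monlist are answered")
            if "limited" not in flags:
                findings.append(f"{family}: 'limited' missing, ntpd itself applies no rate limit")
    return findings

if __name__ == "__main__":
    for name, conf in (("hardened", HARDENED_CONF), ("open", OPEN_CONF)):
        print(name, audit(conf) or "ok")
```
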


