[Pool] DDoS Type Attack
phessler at theapt.org
Fri Feb 14 14:48:02 UTC 2014
On 2014 Feb 14 (Fri) at 05:18:35 +0600 (+0600), Nyamul Hassan wrote:
:From the documentation, and all literature that I can find on the internet,
:it seems any remote client who needs to talk to our NTP servers on UDP 123,
:must also originate the request from UDP 123. Considering this, we have
:firewalled any traffic for/from UDP 123 on our servers that does not
:start/end in UDP 123 on the remote machines.
OpenNTPd sends it's queries from non-123 source ports, so that would
block most people using OpenBSD (and some other systems).
Fudd's First Law of Opposition:
Push something hard enough and it will fall over.
More information about the pool