[Pool] DDoS Type Attack

Peter Hessler phessler at theapt.org
Fri Feb 14 14:48:02 UTC 2014


On 2014 Feb 14 (Fri) at 05:18:35 +0600 (+0600), Nyamul Hassan wrote:
:From the documentation, and all literature that I can find on the internet,
:it seems any remote client who needs to talk to our NTP servers on UDP 123,
:must also originate the request from UDP 123.  Considering this, we have
:firewalled any traffic for/from UDP 123 on our servers that does not
:start/end in UDP 123 on the remote machines.

OpenNTPd sends its queries from non-123 source ports, so that would
block most people using OpenBSD (and some other systems).


-- 
Fudd's First Law of Opposition:
	Push something hard enough and it will fall over.
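
The effect described in the reply above, as an added example that is not part of the original message: it applies the quoted "both ends must be UDP 123" rule to well-formed NTP client-mode requests and lists the ones it would drop. The sample packets, port numbers and function names are constructed for illustration.

```python
import struct

NTP_PORT = 123
MODE_NAMES = {1: "symmetric active", 2: "symmetric passive", 3: "client", 4: "server"}

def build_ntp_request(version=4, mode=3):
    """Build a minimal 48-byte NTP packet (header only, zeroed timestamps)."""
    first = (0 << 6) | (version << 3) | mode  # LI=0, VN, Mode
    return struct.pack("!B47x", first)

def parse_mode(payload):
    """Return (version, mode) from the first header byte, or None if too short."""
    if len(payload) < 48:
        return None
    first = payload[0]
    return (first >> 3) & 0x7, first & 0x7

def src_port_rule_allows(src_port, dst_port):
    """The rule from the quoted message: both ends must be UDP 123."""
    return src_port == NTP_PORT and dst_port == NTP_PORT

def audit(packets):
    """Return the well-formed client-mode requests that the rule would drop."""
    dropped = []
    for label, sport, dport, payload in packets:
        parsed = parse_mode(payload)
        if parsed is None or dport != NTP_PORT:
            continue  # not a complete NTP datagram aimed at the server
        _version, mode = parsed
        if mode == 3 and not src_port_rule_allows(sport, dport):
            dropped.append((label, sport, MODE_NAMES[mode]))
    return dropped

# Constructed sample traffic: (label, source port, destination port, payload)
SAMPLE = [
    ("client using source port 123", 123, 123, build_ntp_request()),
    ("client using ephemeral port", 51234, 123, build_ntp_request()),
    ("another ephemeral-port client", 40211, 123, build_ntp_request(version=3)),
    ("truncated datagram", 40000, 123, b"\x23"),
]

if __name__ == "__main__":
    for label, sport, mode in audit(SAMPLE):
        print(f"dropped valid {mode} request: {label} (src port {sport})")
```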

