[Pool] DDoS Type Attack

Mouse mouse at Rodents-Montreal.ORG
Fri Feb 14 16:43:25 UTC 2014


>> Opinions differ on how `legitimate' such traffic is.  My own stance
>> is that anyone doing NAT has earned any resulting brokenness by
>> deliberately corrupting packets in transit.
> If you are saying that normal NTP time queries should be forbidden to
> those behind NAT routers, you are stopping about 99% of those I know
> who are using NTP from doing so.  I hope this was not your intention,
> or that I have somehow otherwise mis-understood.

No, not that they should be prevented.  Just that if it _doesn't_ work,
it's their own fault - that is, when I see "this works without NAT and
breaks with NAT", my reaction is much more "don't do that, then" than
"the peer should be fixed".

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse at rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B


More information about the pool mailing list