[Pool] DDoS Type Attack

Hal Murray hmurray at megapathdsl.net
Mon Feb 17 08:21:24 UTC 2014


mwaggy at gmail.com said:
> If you run 'ntpdc -nc monlist YOUR_HOST' before applying, you will see that,
> for one small query, you get a list of 600 hosts using your server back.
> There's an active attack going around, in which abusers are doing this with
> forged IPs (which works since it's UDP traffic) to amplify their bandwidth. 

There is a complication in there.  If your restrict stuff is setup to allow 
query from your local LAN, that doesn't mean you will contribute to 
amplification attacks from the outside world.


-- 
These are my opinions.  I hate spam.





More information about the pool mailing list