[Pool] DDoS Type Attack

Hal Murray hmurray at megapathdsl.net
Mon Feb 17 08:21:24 UTC 2014

mwaggy at gmail.com said:
> If you run 'ntpdc -nc monlist YOUR_HOST' before applying, you will see that,
> for one small query, you get a list of 600 hosts using your server back.
> There's an active attack going around, in which abusers are doing this with
> forged IPs (which works since it's UDP traffic) to amplify their bandwidth. 

There is a complication in there.  If your restrict stuff is setup to allow 
query from your local LAN, that doesn't mean you will contribute to 
amplification attacks from the outside world.

These are my opinions.  I hate spam.

More information about the pool mailing list