[Pool] DDoS Type Attack

Harlan Stenn stenn at ntp.org
Sat Feb 15 22:39:06 UTC 2014


Rob Janssen writes:
> Andreas Kr=FCger wrote:
> > I'd say: Rate limiting is the way to go. I personally used iptables for
> > a while,
> > but am back to doing it inside ntpd, so that "KOD" - packets are sent.
> >
> 
> Sending KOD packets is a true waste of time and resources!

No it's not.  They are an error indication, and it's polite to send
them.  Whether or not the receiving end listens to them or not is
another issue.

H


More information about the pool mailing list