[Pool] DDoS Type Attack
timekeeper at famsik.de
Mon Feb 17 21:37:31 UTC 2014
If your server is being used as the weapon in a DDOS
attack, this will add _one_ entry (per DDOS attack).
For all the slaves in the bot net forge the sender
address to that of the victim that's the target of the
But any pool server will usually have >= 600 clients
in its list after it has been running for a while. That's
part of being a pool server.
Am 17.02.2014 18:27, schrieb Brian Rak:
> These days, 600 (not up to 600) is correct. The list quickly gets filled up
> with people who are being DDOSed.
> On 2/16/2014 11:22 PM, Harlan Stenn wrote:
>> Matt Wagner writes:
>>> If you run 'ntpdc -nc monlist YOUR_HOST' before applying, you will see
>>> that, for one small query, you get a list of 600 hosts using your
>>> server back.
>> That's "up to 600". The number will be far less if your ntp server
>> hasn't seen that many connections.
>> pool mailing list
>> pool at lists.ntp.org
> pool mailing list
> pool at lists.ntp.org
More information about the pool