[ntp:questions] NTP Denial of Service attack 29 November 2011

Rich schmidt.rich at gmail.com
Wed Nov 30 15:35:38 UTC 2011


On Nov 30, 9:49 am, Rich <schmidt.r... at gmail.com> wrote:
> On Nov 30, 8:42 am, mi... at flatsurface.com (Mike S) wrote:
>
>
>
>
>
>
>
>
>
> > At 07:40 AM 11/30/2011, Danny Mayer wrote...
>
> > >On 11/30/2011 4:35 AM, Rob wrote:
> > > > Yes, sure.   But blocking an entire region because of 4 abusers?
>
> > >Yes. In this case they are not following the rules of engagement.
> > >Sending packets from another Continent doesn't make a lot of sense in
> > >any case.
>
> > "They?" Who do you think "they" are? There are 4 abusive hosts, and the
> > suggested blocks potentially cover over 128 million hosts. Are you
> > suggesting that you know as fact, that because 4 hosts aren't following
> > the rules, none of the other 128 million are, either?
>
> > You're probably right that hosts in AsiaPAC don't need NTP service from
> > USNO. But, the recommendation was made to the audience at large, which
> > can't be assumed to only represent a single region.
>
> At 11 pm EST 29 Nov 2011 the Navy Cyber Defense Operations Command
> ordered USNO to take NTP servers in Washington, DC offline, and USNO
> complied.   USNO serves more than 3 million clients.  This is the
> first time in 17 years that we have ceased NTP operations.
>
> Rich Schmidt
> Time Service Department
> US Naval Observatory

USNO BACK ON LINE

NTP Service from USNO Washington was restored at 30.56 November 2011
UTC.  No further information is available for dissemination at this
time.

Richard Schmidt
Time Service Department
US Naval Observatory
Washington, DC



More information about the questions mailing list