 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
This Wikipedia article has a few good stories: http://en.wikipedia.org/wiki/NTP_server_misuse_and_abuse On Sat, Jan 11, 2014 at 9:15 PM, Chuck Anderson <cra at wpi.edu> wrote: > Probably you were used in an NTP reflection DDoS attack. > > The problem is the "monlist" command that ntpd provides. Upgrade to > ntp-4.2.7 which removes that command, and/or add "noquery" to your > default restrict config. > > > http://www.symantec.com/connect/blogs/hackers-spend-christmas-break-launching-large-scale-ntp-reflection-attacks > > On Sat, Jan 11, 2014 at 09:09:13PM -0500, Kent Borg wrote: > > I remember a story from the early days of the internet (maybe > > ARPANET at that point) when there was a bug in NTP and, for a time, > > it was most of the traffic on the internet... > > > > Anyway, last night my internets at home were working normally, but > > this morning they were crappy. I went out and when I got home they > > were still crappy. I assumed it was Verizon's fault, what with > > their unmaintained copper wires...but that wasn't it Verizon this > > time. > > > > My NTP daemon went crazy. > > > > I have an ancient (Ubuntu 7.04) basement server that does very basic > > things, roughly: > > > > - DHCP server, > > - QEMU host for three little virtual machines, and > > - NTP client/server. > > > > When I called my DSL provider to complain I was told that I was > > pegging my upstream bandwidth. Huh?? > > > > After poking around I finally isolated it: NTP. Turn it on and my > > first-hop-ping jumps from a dozen-ish ms to several hundred-ish ms. > > Turn it off and the ping times fall back to dozen-ish ms. > > > > I tried commenting out half my "server" entries in my /etc/ntp.conf > > file: same thing. I tried commenting out all of the "server" > > entries and still the same thing. > > > > Am I just dying of bit rot? Something gone bad in my ntp binary?? > > > > Ideas? > > > > > > Thanks, > > > > -kb, the Kent who figures it is a sign from God to build a new > > basement server. > _______________________________________________ > Discuss mailing list > Discuss at blu.org > http://lists.blu.org/mailman/listinfo/discuss >
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
