nanog mailing list archives
Re: What's going on with NTP?
From: David Ford <david () blue-labs org>
Date: Wed, 25 Dec 2013 13:37:36 -0500
On 12/25/2013 11:35 AM, John Levine wrote:
I have two FreeBSD servers where the NTP daemons are using double digit CPU percentages today rather than the usual 0.01%. Restarting them didn't help. The clock on my Android phone is five hours slow. (It's not the time zone, I checked that.) Is this just my special Christmas present, or are there screwed up NTP servers? Regards, John Levine, johnl () iecc com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
you probably need to configure them correctly with: restrict default ignore and add additional restrict lines if you have need for other legitimate servers to make contact with them. i suspect right now you're providing an ntp amplification attack to the spoofed source address. -david
Current thread:
- What's going on with NTP? John Levine (Dec 25)
- Re: What's going on with NTP? Javier Henderson (Dec 25)
- Re: What's going on with NTP? Jared Mauch (Dec 25)
- Re: What's going on with NTP? David Ford (Dec 25)
- Re: What's going on with NTP? Randy Bush (Dec 25)
- Re: What's going on with NTP? Olivier Cochard-Labbé (Dec 26)
- Re: What's going on with NTP? Javier Henderson (Dec 25)