nanog mailing list archives
Re: Fwd: port 123 reflection attacks
From: Randy Bush <randy () psg com>
Date: Thu, 31 Dec 2015 11:16:07 +0900
- be sure ntpd is properly configured
to be explicit, test it

    % ntpdc -n -c monlist psg.com
    psg.com: timed out, nothing received
    ***Request timed out

this is the desired result. any real response means the host is open to be a reflector

fwiw, i got caught last week. a debian vm had been brought up using dhcp, and the /var/lib/ntp/ntp.conf.dhcp was still there after the host was reconfigured to static. took me a while to find it. embarrassing.

my ntp.yml playbook now has as its first task

    - name: remove dhcpd artifact
      file: path=/var/lib/ntp/ntp.conf.dhcp state=absent

randy
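
The monlist test and the leftover-file check from the message above, wrapped for running over a list of your own hosts. This is an added example, not part of the original post; the function names, the `--check` flag and the optional ROOT prefix are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the original message.

# File the message identifies as the leftover from the DHCP setup.
DHCP_CONF=/var/lib/ntp/ntp.conf.dhcp

# classify_monlist: reads `ntpdc -n -c monlist HOST` output on stdin.
#   closed   - only timeout diagnostics came back (the desired result)
#   responds - anything else came back; review the host as a possible reflector
#   unknown  - no output at all, so nothing can be concluded
classify_monlist() {
    out=$(cat)
    [ -n "$(printf '%s' "$out" | tr -d '[:space:]')" ] || { echo unknown; return 0; }
    # Drop blank lines and timeout messages; whatever is left is a reply.
    rest=$(printf '%s\n' "$out" | grep -v -i -e '^[[:space:]]*$' -e 'timed out' || true)
    if [ -z "$rest" ]; then echo closed; else echo responds; fi
}

# stale_dhcp_conf [ROOT]: succeeds if the DHCP-generated config exists.
# ROOT is an assumed optional prefix (e.g. a mounted VM image); default is /.
stale_dhcp_conf() {
    [ -e "${1:-}$DHCP_CONF" ]
}

# check_host HOST: run the query from the message, print "HOST result".
check_host() {
    command -v ntpdc >/dev/null 2>&1 || { echo "$1 unknown"; return 0; }
    printf '%s %s\n' "$1" "$(ntpdc -n -c monlist "$1" 2>&1 | classify_monlist)"
}

# Usage: sh ntp-check.sh --check host1 host2 ...
if [ "${1:-}" = "--check" ]; then
    shift
    for h in "$@"; do check_host "$h"; done
    if stale_dhcp_conf; then
        echo "warning: $DHCP_CONF is present on this host"
    fi
fi
```

A `responds` result covers every non-timeout reply, including error replies, so it marks a host for a manual look rather than proving amplification.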