Along the lines of a question Alan raised at the meeting this week... apparently NTP DDoS attack are a thing now. :-( -Adam
-------- Original Message -------- Subject: OpenNTPD and NTP reflection attacks Date: Wed, 15 Jan 2014 13:36:12 -0600 From: Nicolai nicolai-omisc@chocolatine.org To: misc@openbsd.org
Hi everyone,
I have a question about OpenNTPD now that NTP reflection attacks are in the news. OpenBSD produces and uses its own OpenNTPD, primarily written by Henning and made portable by Darren Tucker.
The following website:
is an important effort to minimize reflection-related holes in NTP software. The given test command is not supported by OpenNTPD, suggesting no major amplification. And after reading the manual pages I don't think there's an alternative for getting OpenNTPD to generate a large amplification, though I could be wrong.
So, is it correct to say that OpenNTPD is immune from generating large amplifications? (Recent articles on the subject mention 100x amplification factors!)
Nicolai
So is CHARGEN (port 19).
-Daryl
On Thu, 16 Jan 2014, Adam Thompson wrote:
Along the lines of a question Alan raised at the meeting this week... apparently NTP DDoS attack are a thing now. :-( -Adam
-------- Original Message -------- Subject: OpenNTPD and NTP reflection attacks Date: Wed, 15 Jan 2014 13:36:12 -0600 From: Nicolai nicolai-omisc@chocolatine.org To: misc@openbsd.org
Hi everyone,
I have a question about OpenNTPD now that NTP reflection attacks are in the news. OpenBSD produces and uses its own OpenNTPD, primarily written by Henning and made portable by Darren Tucker.
The following website:
is an important effort to minimize reflection-related holes in NTP software. The given test command is not supported by OpenNTPD, suggesting no major amplification. And after reading the manual pages I don't think there's an alternative for getting OpenNTPD to generate a large amplification, though I could be wrong.
So, is it correct to say that OpenNTPD is immune from generating large amplifications? (Recent articles on the subject mention 100x amplification factors!)
Nicolai
-Daryl
-
Adam Thompson -
Daryl F