[RndTbl] Fwd: OpenNTPD and NTP reflection attacks

Daryl F wyatt at prairieturtle.ca
Thu Jan 16 22:30:37 CST 2014


So is CHARGEN (port 19).

-Daryl


On Thu, 16 Jan 2014, Adam Thompson wrote:

> Along the lines of a question Alan raised at the meeting this week... 
> apparently NTP DDoS attack are a thing now.  :-(
> -Adam
>
>
>
> -------- Original Message --------
> Subject: 	OpenNTPD and NTP reflection attacks
> Date: 	Wed, 15 Jan 2014 13:36:12 -0600
> From: 	Nicolai <nicolai-omisc at chocolatine.org>
> To: 	misc at openbsd.org
>
>
>
> Hi everyone,
>
> I have a question about OpenNTPD now that NTP reflection attacks are in
> the news.  OpenBSD produces and uses its own OpenNTPD, primarily written
> by Henning and made portable by Darren Tucker.
>
> The following website:
>
> http://openntpproject.org/
>
> is an important effort to minimize reflection-related holes in NTP
> software.  The given test command is not supported by OpenNTPD,
> suggesting no major amplification.  And after reading the manual pages I
> don't think there's an alternative for getting OpenNTPD to generate a
> large amplification, though I could be wrong.
>
> So, is it correct to say that OpenNTPD is immune from generating large
> amplifications?  (Recent articles on the subject mention 100x
> amplification factors!)
>
> Nicolai
>
>
>

-Daryl


More information about the Roundtable mailing list