Fuzz, Numbers

Hal Murray hmurray at megapathdsl.net
Fri Jan 3 05:41:31 UTC 2020


>> That turns off monitoring, aka the MRU list.
> I believe that was a security feature to prevent amplification of ddos-type
> attacks. (for ntp classic) Or doesn't this work this way for ntpsec? 

That was fixed in ntp classic long before ntpsec forked.

The old code was for the client to send a request then the server would send 
back a lot of data.  If you sent a forged request, that was a nice DDoS 
amplifier.

The fix was to add a cookie.  The server now needs a cookie along with the 
request.  You can get the cookie from the server.  It depends upon the IP 
Address.  If you are sending forged requests, it's hard to get the cookie for 
the target system.

You can also block 

-- 
These are my opinions.  I hate spam.
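
The cookie scheme described in the message above, sketched as an added example; it is not code from ntp classic or ntpsec, and not part of the original post. The cookie layout, the use of HMAC-SHA256, the 16-second lifetime, the reply size and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct
import time

SECRET = os.urandom(32)  # per-server secret (assumption), never sent to clients
MAX_AGE = 16             # seconds a cookie stays valid (assumed value)


def _mac(ip, ts):
    # Bind the cookie to the requester's address and the issue time.
    msg = struct.pack("!I", ts) + ip.encode()
    return hmac.new(SECRET, msg, hashlib.sha256).digest()[:8]


def issue_cookie(src_ip, now=None):
    """Small reply to a cookie request: timestamp plus MAC bound to src_ip.

    The reply goes to src_ip, so a sender forging that address never sees it.
    """
    ts = int(time.time()) if now is None else now
    return struct.pack("!I", ts) + _mac(src_ip, ts)


def check_cookie(src_ip, cookie, now=None):
    """True only if the cookie was issued to this source address and is fresh."""
    if len(cookie) != 12:
        return False
    now = int(time.time()) if now is None else now
    (ts,) = struct.unpack("!I", cookie[:4])
    if not 0 <= now - ts <= MAX_AGE:
        return False
    return hmac.compare_digest(cookie[4:], _mac(src_ip, ts))


def handle_big_request(src_ip, cookie, now=None):
    """Send the large reply only when the cookie matches the packet's source."""
    if not check_cookie(src_ip, cookie, now):
        return b""       # drop: nothing is sent toward the claimed source
    return b"X" * 4000   # stand-in for the large monitoring reply
```

A cookie issued to one address is rejected when presented with any other source address, so the large reply can only go back to a host that actually received the cookie.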




