[c-nsp] NTP DDoS

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Wed Feb 12 14:36:55 EST 2014


> Something I can point customers to for testing their own set ups. ;)

On a Linux or mac

ntpdc -c monlist xxx.xxx.xxx.xxx

If you get a reply (which will consist of a list of IP addresses that have sync'd with the daemon) then the server has a non optimal config. ... and if it's already been found by others they will all be listed. .. You might even see openntp project and team cymru servers listed ;)

Alan


More information about the cisco-nsp mailing list